This blog post is about Themify Ultra theme vulnerability. If you’re a Themify Ultra user, please update the theme to at least version 7.3.6. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Themify Ultra Theme The theme Themify Ultra (premium version), which is estimated to have over 70,000 active […]
The vulnerability in Elementor was originally reported by Hồng Quân (luk6785 at VNPT-VCI) to our alliance program. We are collaborating with the researcher to release the content of this security advisory article. This blog post is about an Elementor plugin vulnerability. If you’re an Elementor user, please update the plugin to at least version 3.18.2. […]
This blog post is about a premium Thrive Theme vulnerability. If you’re a premium Thrive Theme user, please update the plugin to at least version 3.24.0. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Thrive Theme The theme Thrive (premium version), which is estimated to have over 110,000 active […]
Today, we’re excited to announce the next generation of Patchstack firewall engine. The new engine is engineered to provide the most efficient application layer protection possible, with even greater vulnerability coverage and industry-leading performance. Over 50% of all known WordPress-related (core, plugins, themes, etc.) security vulnerabilities in 2023 have been originally reported by Patchstack Alliance […]
This blog post is about the WooCommerce and Jetpack plugin vulnerability. If you’re a WooCommerce and Jetpack user, please update the plugin to at least version 8.2.0 and 12.8-a.3 respectively. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the WooCommerce and Jetpack plugin The plugin WooCommerce (versions <= 8.1.1, free […]
Over the past 6 months, we’ve been building, testing and fine-tuning a new vulnerability scoring system called Patchstack Priority to provide a more accurate representation of the seriousness of security vulnerabilities. The goal? Help WordPress developers reduce alert fatigue and know what to patch first. We have carefully assigned the Patchstack Priority scores to all […]
This blog post is about an Elementor plugin vulnerability. If you’re an Elementor user, please update the plugin to at least version 3.16.5. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the Elementor Plugin The plugin Elementor (versions <= 3.16.4, free version), which has over 5 million active installations, is […]
We’re happy to announce a new strategic partnership with Cloudways. This week, Cloudways launched their vulnerability scanner powered by Patchstack’s database, giving their customers visibility into potential security issues with their WordPress core, plugin, and theme versions. In short, this means that more people will know whether they have hidden security risks on their websites. […]
On the 12th of October 2023, WordPress.org released a security update and recommended users update their sites as soon as possible. This WordPress core 6.3.2 security release addresses 7 different security vulnerabilities and 1 potential security issue that affects multiple WordPress core versions. For many, WordPress automatically updates the core to the latest version. Check […]
This blog post is about the User Submitted Posts plugin vulnerability. If you’re a User Submitted Posts user, please update the plugin to at least version 20230914. Patchstack users are protected from the vulnerability. For plugin developers, we have security audit services and Threat Intelligence Feed API for hosting companies. About the User Submitted Posts Plugin The plugin User […]