Yes, Patchstack is FREE to download and install on the official WordPress repository. It always has been. Unfortunately, not everyone new to WordPress is aware of this and there are different reasons why. Automattic (the company behind WordPress.com hosting company) has cloned the official WordPress.org plugin repository which has been recently reported to outrank the […]
We’ve just released a new type of Patchstack reports – a downloadable website security report that makes it easy to get a periodic overview of a website’s security status. The new ‘Developer report‘ is available in Patchstack Developer plan. We’re also working on a ‘Client report’ (release date TBD) for our Business plan users, which […]
With another busy month behind us, let’s see what the Patchstack Alliance members dug up in September! Our researchers found 53 confirmed vulnerabilities. 9 of the vulnerabilities were found in plugins with 100,000+ installs across WordPress, including one with 2 million installs. Thought to be fair, that vulnerability in question was not particularly severe. A […]
We’ve always said the best way to handle website security is by preventing attacks in the first place. We’re happy to announce that One.com is the latest hosting provider joining the spearhead to tackle open-source security problems at the root. One.com has introduced Patchstack’s WordPress vulnerability alerts to customers on their Managed WordPress subscription, and […]
It’s September, which means it’s time to look back at what our security researchers got up to in the last month of summer – and what a hot time it was! A very busy august The Patchstack Alliance reported 105 new validated vulnerabilities last month. This doesn’t mean that WordPress plugin developers have gotten lazy […]
We’re excited to announce a partnership between Patchstack and Hostinger! With the help of Patchstack, Hostinger is now providing all its customers with up-to-date information about security vulnerabilities in their WordPress websites. If you’re a Hostinger customer, you can check the security status of all your installed WordPress plugins, themes, and core versions directly from […]
Each month we give out rewards and recognition to our community of security researchers and ethical hackers for their contributions to finding WordPress vulnerabilities. Below you’ll find the leaderboard and winners of July’s bug hunt. July 2022 summary Our researchers caught some seriously big fish in July – one reported vulnerability was found in a […]
WordPress vulnerability news is a weekly digest of highlighted WordPress plugin security vulnerabilities or vulnerability discloses that have been published (there are other, less critical vulnerabilities on smaller plugins that unfortunately don’t make it to the list). Keeping up to date with security vulnerabilities in WordPress and other CMSs is an important part of security. […]
This week was the official release of WordPress 6.0. The release was named after Grammy award-winning Latin jazz and Afro-Cuban jazz musician Arturo O’Farrill, who has a website running none other than WordPress! What a great reminder, of how WordPress powers many independent websites. UI updates in WordPress 6.0 Users who upgrade to WordPress 6.0 […]
In March 2021, we started a bug-hunting program where together with partners, we reward developers and ethical hackers who help us make the WordPress ecosystem more secure. Since then, we have received more than 1000 security reports and paid out $17,450 USD as cash rewards. This is all possible thanks to our dear partners who […]