Published on August 22, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 34 of 2022. This week, I will share with you two plugins that patched security bugs you should know about in the weekly vulnerability roundup. But first, the weekly knowledge share, which will be all about severity scores associated with security bugs […]
Published on August 15, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 33 of 2022. In this week’s knowledge share, I will be discussing the practice of handling security bugs. I will then discuss only one insecure plugin in this week’s vulnerability news. Unfortunately, the plugin did not receive a security patch for […]
Published on August 8, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 32 of 2022. It is August, and the Patchstack Alliance is growing. New security researchers have joined the alliance in the last month, and we are receiving some great reports of serious security bugs in open source components affecting millions of websites […]
Published on August 1, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 31 of 2022. In this week’s knowledge share, I will talk about nulled plugins and themes – how they are a hidden security risk, how they harm trust in open source, and what you can do to make things right. I will […]
Published on July 25, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 30 of 2022. This week I will finally get to talk about SSRF! SSRF stands for Server Side Request Forgery. This is a category of application vulnerability that is sometimes overlooked but could allow attackers to bypass security measures and turn a […]
Published on July 18, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 29 of 2022. This week’s weekly knowledge share is a response to the all too common headlines about “Millions of WordPress websites are under attack” we see every so often. I will share why attempted attacks are just the background radiation of […]
Published on July 11, 2022
This week I will talk about the importance of removing unused code and components from your websites. Simply disabling a theme or plugin is not enough – reviewing and deleting these things has to become a habit. I will also cover a few vulnerability highlights, including 10 abandoned components that have known unpatched vulnerabilities in […]
Published on July 4, 2022
In this article, we will explain what CSV injection is and how CSV files can be exploited. We will also shed some light on how to secure against CSV injection vulnerabilities and protect your site even further. We will also highlight a plugin affected by a CSV Injection vulnerability that at the time of writing […]
Published on June 27, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 26 of 2022. Introduction: This week’s Patchstack Weekly is a little different, and a little longer – I will be sharing with you highlights of a conversation I had with Rotem Bar. Rotem works at Cider Security as Head of Marketplace Integrations […]
Published on June 20, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 25 of 2022. This week’s knowledge share will include some tips for WordPress site owners on what to look out for when choosing secure plugins. I will also share vulnerability news, with one critical issue to discuss which may have already been […]