Published on April 4, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 14 of 2022 and I will talk about the first 5 steps to a secure WordPress. This week has a lot of vulnerability news to cover, and I will be sharing it as a 3-2-1 punch of 3 plugins that received no […]
Published on March 28, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 13 of 2022. This week, I will talk about two high-risk vulnerabilities in two WordPress plugins with one big difference: One was patched, one was not. In this week’s knowledge share I will share some new WP-CLI Security commands that were just […]
Published on March 21, 2022
Welcome back to the Patchstack Weekly Security Update! This update is for week 12 of 2022 and this week we’ll talk about WordPress vulnerabilities and WordPress file uploads. This week in WordPress-related vulnerabilities, I will talk about 3 plugins that have each been patched due to high-risk security bugs found in their code. I will […]
Published on March 14, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 11 of 2022. This week is all about plugin vulnerabilities and the State of WordPress Security 2021 whitepaper. There is some big news this week, but really I should say last week. Patchstack released our State of WordPress Security Whitepaper for 2021 […]
Published on March 7, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 10 of 2022, and it is the beginning of March. This week I will cover a few high-risk vulnerabilities found in WordPress components, give an update on the insecure old Freemius library situation and discuss last month’s additions to the Patchstack database. […]
Published on February 21, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 8 of 2022 and will dive into several vulnerabilities and talk about vulnerability risks. This week’s vulnerability news will have a lot to cover. One WordPress plugin had a vulnerability so severe the WP.org team initiated an auto-update for all installations. Another […]
Published on February 14, 2022
Welcome back to the Patchstack Weekly security update! This update is for week 6 of 2022. Last week, two high severity vulnerabilities were patched by the developers of WP Spell Check and Revolut Gateway for WooCommerce. Both of these plugins patched unauthenticated SQL injection vulnerabilities, so that will be the topic of this week’s knowledge […]
Published on February 3, 2022
Welcome back to the Patchstack Weekly security update! It is the beginning of February and this update is for the fifth week of 2022. This week I will share some of the core principles of open-source software development and how security researchers participate in them, as well as explaining why open source projects should always have […]
Published on February 1, 2022
This blog post introduces the many players in open-source security and what happens when we find a vulnerability in a WordPress plugin. There are people in many different roles who play a part in open-source security beyond the developers and the end-users of their open-source projects. Patchstack engages with people of varying roles, who have different […]
Published on January 21, 2022
Patchstack Weekly is a weekly security update made by Patchstack Security Advocate Robert Rowley. Every week Robert highlights the notable WordPress vulnerabilities, helps us learn something new about security, and gives thanks and appreciation to those who helped make the web a safer place. Want to learn more about Robert? Read this: Meet Robert – […]