This blog post is about the K Elements plugin vulnerability. If you’re a KLEO theme user who is using the K Elements plugin, please update the plugin to at least version 5.4.0. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin […]
This blog post is about the Admin and Site Enhancements (ASE) free and pro plugin vulnerability. If you’re an Admin and Site Enhancements (ASE) user, please update the plugin to at least version 7.6.3. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. […]
This blog post is about the Better Find and Replace plugin vulnerability. If you’re a Better Find and Replace user, please update the plugin to at least version 1.6.8. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, we have security […]
This blog post discusses about the findings on the RealHome theme and the plugin that is installed with it Easy Real Estate. Currently there are no known updates to fix this issue so if you are a user of the theme and plugin disabling them temporarily is recommended until the issues are fixed. If you […]
The vulnerability in the GiveWP plugin was originally reported by Patchstack Alliance community member Edisc from Zalopay Security to the Patchstack Zero Day bug bounty program for WordPress. Patchstack Zero Day program has awarded the researcher a bounty of $2,600 USD. If you wish to participate in the program, you can join the community here. […]
This blog post is about Fancy Product Designer plugin vulnerabilities. If you’re a Fancy Product Designer user, please delete or deactivate the plugin until the patch is released by the vendor. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, […]
This blog post is about the WPLMS and VibeBP vulnerabilities. If you’re a WPLMS and VibeBP user, please update the plugin to at least version 1.9.9.5.3 and 1.9.9.7.7 respectively. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, we have security […]
This blog post is about the Woffice theme vulnerabilities. If you’re a Woffice user, please update the theme to at least version 5.4.15. Patchstack customers are protected from this vulnerability, and no immediate action is needed from you. For plugin developers, we have security audit services and Enterprise API for hosting companies. About the Woffice Theme The theme Woffice, […]
This blog post discusses about the findings on the Sweet Date theme. If you’re a Sweet Date user, please update the theme to version 3.8.0 or higher. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, we have security audit services and Enterprise […]
This blog post is about an arbitrary .htaccess file overwrite vulnerability on the Rank Matho SEO plugin. If you’re a Rank Math SEO plugin user, please update the plugin to the latest version or at least to the version 1.0.232. If you are a Patchstack customer, you are protected from this vulnerability already, and no […]