Channel: Patchstack
Browsing latest articles

Hardening WordPress – A Checklist To Get Started

These days, spinning up a new WordPress website is quick and easy, but securing it is not so straightforward. In this post, we will cover some of the most critical things that you need to consider...

Critical Vulnerabilities Found in Fancy Product Designer Plugin

Fancy Product Designer Unauthenticated Arbitrary File Upload (20k, CVSS 9.0). Fancy Product Designer Unauthenticated SQL Injection (20k, CVSS 9.3). This blog post is about Fancy Product Designer plugin...

Critical Vulnerability Patched in GiveWP Plugin

GiveWP Unauthenticated PHP Object Injection (100k, CVSS 9.8). The vulnerability in the GiveWP plugin was originally reported by Patchstack Alliance community member Edisc from Zalopay Security to the...

How & Why You Should Remove Unused WordPress Plugins

As a seasoned WordPress developer, you might have spent countless hours perfecting your WordPress site by carefully selecting themes and plugins to create an outstanding experience. But did you stop...

Interview with Kévin Mosbahi AKA Mika

Today we present an interview with Kévin Mosbahi (most of you probably know him by his nickname – Mika). He lives in France and has been passionate about computers since he was a teenager. Over time he...

Unauthenticated Privilege Escalation Vulnerability in RH – Real Estate Theme

RealHomes Theme Unauthenticated Privilege Escalation (32K, CVSS 9.8). Easy Real Estate Plugin Unauthenticated Privilege Escalation (32K, CVSS 9.8). This blog post discusses the findings on the RealHome...

Privilege Escalation Vulnerability Patched in Better Find and Replace Plugin

Better Find and Replace Privilege Escalation Vulnerability (50k, CVSS 8.8). This blog post is about the Better Find and Replace plugin vulnerability. If you’re a Better Find and Replace user, please...

Rare Case of Privilege Escalation in ASE Plugin Affecting 100k+ Sites

Admin and Site Enhancements (ASE) Privilege Escalation (100k, CVSS 7.5). Admin and Site Enhancements (ASE) Pro Privilege Escalation (100k, CVSS 7.5). This blog post is about the Admin and Site Enhancements...

Interview with Dhabaleshwar Das

Today we present an interview with Dhabaleshwar Das. He’s a security professional with 3 years of experience across various domains, including web, network, API, and mobile VAPT, container, and cloud...

Critical Privilege Escalation Patched in KLEO Theme’s Plugin

K Elements Privilege Escalation (23k, CVSS 9.8). This blog post is about the K Elements plugin vulnerability. If you’re a KLEO theme user who is using the K Elements plugin, please update the plugin to at...

Reflected XSS Patched in Essential Addons for Elementor Affecting 2+ Million...

Essential Addons for Elementor Reflected Cross Site Scripting (2M, CVSS 7.1). This blog post is about the Essential Addons for Elementor plugin vulnerability. If you’re an Essential Addons for Elementor...

The Best WooCommerce Security Plugins

Is your WooCommerce store truly secure? If you cannot confidently say “Yes!” then it is vital to be aware that just one single security breach could easily cripple your business overnight. This can...

Unauthenticated Arbitrary File Upload Vulnerability in Chaty Pro Plugin

Chaty Pro Unauthenticated Arbitrary File Upload (18K, CVSS 10.0). This blog post discusses the findings on the Chaty Pro plugin. This vulnerability is fixed in version 3.3.4 and the vulnerable...

Meet João Pedro Soares de Alcântara AKA Kinorth

Today we present an interview with João Pedro Soares de Alcântara (most of you probably know him by his nickname – Kinorth). He lives in Brazil and has been passionate about computers since his...

Critical LFI to RCE Vulnerability in WP Ghost Plugin Affecting 200k+ Sites

WP Ghost Local File Inclusion to RCE (200k, CVSS 9.6). This blog post is about the WP Ghost plugin vulnerability. If you’re a WP Ghost user, please update the plugin to at least version 5.4.02. If you are...

New Year, New Threats: Q1 2025’s Most Exploited WordPress Vulnerabilities

Introduction. WordPress remains the backbone of millions of websites, offering flexibility and scalability through its extensive library of plugins and themes. However, this same openness also makes it...

How to Detect and Prevent Unauthorized Access in WordPress

This article was originally authored by Robert Abela of Melapress, a Patchstack partner specializing in WordPress security and user management solutions. Unauthorized WordPress access is more common...

Cloudfest Hackathon 2025: SBOMinator to Secure the OSS Supply Chain

No one can do it alone and that’s nowhere quite as obvious as it is in open-source software. With different dependencies and whole ecosystems needing to work in perfect sync in order to stay secure,...
