Patchstack, a leading WordPress security company, recently raised $5 million in its Series A funding round. The funding round was led by Karma Ventures, G+D Ventures, and Emilia Capital, an investment firm backed by Yoast founders Marieke van de Rakt and Joost de Valk. “With the Series A, we plan to accelerate Patchstack product development…
Starting October 1st, 2024, WordPress.org will roll out new security measures aimed at enhancing the safety of accounts with commit access to plugins and themes. This was announced by the Automattic-sponsored developer Dion Hulse. Mandatory Two-Factor Authentication Beginning next month, WordPress.org will make two-factor authentication (2FA) mandatory for all plugin and theme authors. Authors can…
The popular WordPress Multilingual plugin, WPML, which is installed on over 1,000,000 websites, has patched a Remote Code Execution (RCE) vulnerability (CVE-2024-6386) that researchers have classified as “Critical,” with a CVSS score of 9.9. Users are strongly advised to update their websites to the patched version, WPML 4.6.13. Security researcher Mat Rollings (stealthcopter) discovered and…
The LiteSpeed Cache Plugin, widely used to enhance the speed and performance of WordPress websites, recently patched a critical unauthenticated privilege escalation vulnerability (CVE-2024-28000). With over 5 million active installations, this plugin is a critical tool for many WordPress users. John Blackbourn, a member of the Patchstack Alliance community, reported the vulnerability and was awarded…