security
-
WooCommerce 5.7.0 Patches Security Issue that Could Potentially Leak Analytics Reports
WooCommerce shipped version 5.7.0 through a forced update for some users earlier this week. The minor release was not billed … Continue reading WooCommerce 5.7.0 Patches Security Issue that Could Potentially Leak Analytics Reports →
-
Extendify Patches Vulnerabilities in the Redux Framework Plugin
Wordfence has published two vulnerabilities that affect users of the Redux Framework plugin, which has more recently come to be … Continue reading Extendify Patches Vulnerabilities in the Redux Framework Plugin →
-
Wordfence and WPScan Publish Mid-Year WordPress Security Report
WPScan is on track to post a record-breaking year for WordPress plugin vulnerabilities submitted to its database, according to a … Continue reading Wordfence and WPScan Publish Mid-Year WordPress Security Report →
-
WooCommerce Patches Critical Vulnerability, Sending Forced Security Update from WordPress.org
WooCommerce has patched an unspecified, critical vulnerability identified on July 13, 2021, by a security researcher through Automattic’s HackerOne security … Continue reading WooCommerce Patches Critical Vulnerability, Sending Forced Security Update from WordPress.org →
-
Wordfence Now Authorized as a CVE Numbering Authority
Wordfence has been authorized by the Common Vulnerabilities and Exposures (CVE®) Program as a CNA (CVE Numbering Authority), which allows … Continue reading Wordfence Now Authorized as a CVE Numbering Authority →
-
Jetpack 9.8 Introduces WordPress Stories Block Alongside Forced Security Update
Jetpack 9.8 was released this week, introducing WordPress Stories as the headline feature. The Story block, which allows users to create … Continue reading Jetpack 9.8 Introduces WordPress Stories Block Alongside Forced Security Update →
-
Patchstack Whitepaper: 582 WordPress Security Issues Found in 2020, Over 96% From Third-Party Extensions
Patchstack, which recently rebranded from WebARX, released its 2020 security whitepaper. The report identified a total of 582 security vulnerabilities. … Continue reading Patchstack Whitepaper: 582 WordPress Security Issues Found in 2020, Over 96% From Third-Party Extensions →
-
Zerodium Temporarily Triples Payout to $300K for WordPress Exploits
Zerodium, one of the most well-known security vulnerability brokers, announced that it is tripling payouts for remote code execution exploits … Continue reading Zerodium Temporarily Triples Payout to $300K for WordPress Exploits →
-
WebARX Rebrands To Patchstack, Combines Services To Focus on WordPress Plugin and Theme Security
In 2018, WebARX launched the first version of its security platform and grew to 3,000 users. Earlier this month, the … Continue reading WebARX Rebrands To Patchstack, Combines Services To Focus on WordPress Plugin and Theme Security →
-
Elementor Patches XSS Vulnerabilities Affecting 7 Million WordPress Sites
Elementor users who haven’t updated recently will want to get on the latest version 3.1.4 as soon as possible. Researchers … Continue reading Elementor Patches XSS Vulnerabilities Affecting 7 Million WordPress Sites →
-
Attackers Continue to Exploit Vulnerabilities in The Plus Addons for Elementor Plugin
Last week, security researchers at Seravo and WP Charged reported a critical zero-day vulnerability in The Plus Addons for Elementor … Continue reading Attackers Continue to Exploit Vulnerabilities in The Plus Addons for Elementor Plugin →
-
WPScan Can Now Assign CVE Numbers for WordPress Core, Plugin, and Theme Vulnerabilities
WPScan, a security company that maintains a database of WordPress vulnerabilities, has been officially designated as a CVE (Common Vulnerability … Continue reading WPScan Can Now Assign CVE Numbers for WordPress Core, Plugin, and Theme Vulnerabilities →