In this report, 342 vulnerabilities have been publicly disclosed. Security patches for 254 of these plugins, themes, and Core are available now, so run those updates as soon as possible. If you’re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.
Additionally, there are 88 plugin and theme vulnerabilities with no patch available yet. If you’re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall. Virtual patches from Patchstack will be applied when a vulnerability is considered high or medium risk. If no patch is forthcoming from the vendor or the vulnerable software has been marked “closed” and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.
Along with poor user account security, vulnerable plugins and themes are among the top reasons why WordPress websites get hacked. Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.
WordPress Vulnerability Report — April 17, 2024 Keep Reading »
#Blogging #WordPress #BloggingTips #BlogChat
The second Release Candidate (“RC2”) for WordPress 7.0 is ready for download and testing! This…
When WP Engine acquired WPackagist on March 12, the WordPress developer community faced a familiar…
The first Release Candidate (“RC1”) for WordPress 7.0 is ready for download and testing! This…
WordPress 7.0 Beta 5 is ready for download and testing! This version of the WordPress…
WordPress 6.9.4 is now available! WordPress 6.9.2 and WordPress 6.9.3 were released yesterday, addressing 10…
For nearly two decades, WordPress has been known for a simple, powerful idea: that anyone…