In this report, 342 vulnerabilities have been publicly disclosed. Security patches for 254 of these plugins, themes, and Core are available now, so run those updates as soon as possible. If you’re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.
Additionally, there are 88 plugin and theme vulnerabilities with no patch available yet. If you’re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall. Virtual patches from Patchstack will be applied when a vulnerability is considered high or medium risk. If no patch is forthcoming from the vendor or the vulnerable software has been marked “closed” and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.
Along with poor user account security, vulnerable plugins and themes are among the top reasons why WordPress websites get hacked. Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.
WordPress Vulnerability Report — April 17, 2024 Keep Reading »
#Blogging #WordPress #BloggingTips #BlogChat
The fourth Release Candidate (“RC4”) for WordPress 7.0 is ready for download and testing! This…
August 16–19, 2026, Phoenix Convention Center – Phoenix, Arizona Tickets are now available for WordCamp…
The third Release Candidate (“RC3”) for WordPress 7.0 is ready for download and testing! This…
The full chat log is available beginning here on Slack. WordPress Performance Trac tickets @spacedmonkey…
WordCamp US 2026 will take place August 16–19 in Phoenix, Arizona, and applications are now…
WordPress Student Clubs are beginning to take shape as a new way to carry the…