Advertisement Β· 728 Γ— 90

Posts by Patchstack

Introducing Rapyd Cloud 2.0: Multiple Site Plans Are Here! πŸ”₯ Rapyd Cloud 2.0 is the next evolution of the Hosting platform and comes with Multiple Site Plans, Enhanced Hosting Experience, and Agency Partnership Program!

Big news from our partners at @rapydcloud.bsky.social πŸš€

We're thrilled to support the launch of Rapyd Cloud 2.0

What’s new:
βœ… Multiple site plans
βœ… An Agency Partnership Program
βœ… A revamped dashboard

πŸ‘‰ Check out their announcement: rapyd.cloud/blog/introdu...

#ManagedHosting #Cybersecurity

10 months ago 0 0 0 0
Video

πŸ’» #CloudFest Hackathon day 2 is in full swing and the team, led by Nestor Angulo De Ugarte and John Blackbourn, is racking their brains. 🧠⚑️

Curious to see the results? See the final presentations tomorrow at 3:55 PM at the Ring Stage in Europa Park. πŸ‘€

#CFHack #CFHack2025 #cloudfest

1 year ago 5 2 0 0
Preview
Arbitrary File Upload Vulnerability Patched in Chaty Pro Plugin Learn about the critical security vulnerabilities in the Chaty Pro plugin. Protect your site from unauthorized access and potential takeovers.

Unauthenticated Arbitrary File Upload Vuln in Chaty Pro plugin πŸ›‘οΈ

It suffers from an arbitrary file upload vuln. An attacker can upload a malicious file and take over the site 🚫

It was fixed in 3.3.4 βœ…

With Patchstack protection activated, you're already protected πŸ›‘οΈ

patchstack.com/articles/una...

1 year ago 3 2 0 0
Preview
Reflected XSS Patched in Essential Addons for Elementor Affecting 2+ Million Sites - Patchstack 🚨 A reflected XSS vulnerability in the Essential Addons for Elementor plugin (2M+ installs) has been patched in version 6.0.15 (CVE-2025-24752). Update now to stay secure! Patchstack customers are alr...

Reflected XSS Patched in Essential Addons for Elementor πŸ› οΈ

It happens due to insufficient validation of the popup-selector query argument. πŸ€”

It got fixed in 6.0.15 βœ…

If you have Patchstack protection enabled, you're already protected. πŸ›‘οΈ

patchstack.com/articles/ref...

1 year ago 1 1 0 0
Preview
Critical Privilege Escalation Patched in KLEO Theme's Plugin - Patchstack A critical privilege escalation vulnerability was found in the K Elements plugin, affecting KLEO theme users. Update to version 5.4.0 to stay secure. Patchstack customers are already protected.

Critical Privilege Escalation Patched in KLEO Theme’s Plugin. πŸ”’

It occurs due to broken logic in the FB social login process. ❌

Update it immediately to at least 5.4.0 ⬆️

If you have Patchstack protection enabled, you're already protected. βœ…

patchstack.com/articles/cri...

1 year ago 2 2 0 0
Post image

#WCAsia is just around the corner, and here at #Patchstack, we've decided to host a Capture The Flag event 🚩

Don't miss outβ€”mark your calendars for 20-22 February πŸ“†

There are also some amazing prizes for the best hackers out there πŸ’°

ctf.patchstack.com

1 year ago 1 0 0 0
Preview
Rare Case of Privilege Escalation in ASE Plugin Affecting 100k+ Sites - Patchstack Critical privilege escalation vulnerability in Admin and Site Enhancements (ASE) plugin (≀7.6.2.1). Update to 7.6.3 or stay protected with Patchstack.

🚨 Rare Case of Privilege Escalation in Admin and Site Enhancements Plugin.

It occurs due to broken logic on the β€œView Admin as Roleβ€πŸ€”

Update it immediately to at least 7.6.3πŸ”§

If you have Patchstack protection enabled, you are already automatically protectedπŸ›‘οΈ

patchstack.com/articles/rar...

1 year ago 1 1 0 0
Preview
Privilege Escalation Vulnerability Patched in Better Find and Replace Plugin - Patchstack Privilege Escalation vulnerability discovered in the Better Find and Replace plugin (CVE-2025-24734), affecting versions 1.6.7 and below. Update to version 1.6.8 or stay protected with Patchstack.

🚨 high-priority vulnerability has been fixed in the "Better Find and Replace" plugin. It is expected to become mass exploited!

Update the plugin immediately to at least 1.6.8

If you have Patchstack protection enabled, you are already automatically protected πŸ›‘οΈ

patchstack.com/articles/pri...

1 year ago 0 0 0 0
Post image

Our latest newsletter is live! πŸš€

Inside, you'll find:
🍰 The security layer cake
πŸ“œ Vulnerability advisories
πŸ“° News and tips

Read it here:
preview.mailerlite.io/preview/761...

1 year ago 1 0 0 0
Advertisement

🚨 Critical Vulnerability Patched in GiveWP Plugin.

Versions 3.19.3 and below suffer from an unauthenticated PHP Object Injection vuln. πŸ’»

This was fixed in version 3.19.4, so update ASAP. πŸ› οΈ

As a paid Patchstack user you're protected from this vulnπŸ›‘οΈ

patchstack.com/articles/cr...

1 year ago 4 4 0 0
Preview
Critical Vulnerabilities Found in Fancy Product Designer Plugin - Patchstack Critical vulnerabilities discovered in the Fancy Product Designer plugin: unauthenticated arbitrary file upload and SQL injection. Stay protected with Patchstack.

Critical Vulnerabilities Found in Fancy Product Designer Plugin! 🚨

It suffers from Unauthenticated Arbitrary File Upload and SQL Injection vulnerabilities. ⛓️‍πŸ’₯

No patch was released. πŸ˜”

As a paid Patchstack user you're protected from this vulnerabilityπŸ›‘οΈ

patchstack.com/articles/cr...

1 year ago 2 2 0 0
Preview
Multiple Critical Vulnerabilities Patched in WPLMS and VibeBP Plugins - Patchstack Multiple vulnerabilities patched in WPLMS and VibeBP plugins. Update to versions 1.9.9.5.3 and 1.9.9.7.7. Stay secure effortlessly with Patchstack’s protection.

Advisory Alert: Critical Vulnerabilities Fixed in WPLMS and VibeBP! 🚨

Please update to versions 1.9.9.5.3 and 1.9.9.7.7. ⬆️

You are also protected from this vulnerability if you are a paid Patchstack user. πŸ›‘οΈ

patchstack.com/articles/mu...

1 year ago 0 0 0 0
Preview
How to recover your site after a WooCommerce hack Follow the 10-step process to identify the cause of the attack, clean up your WooCommerce store after a hack, and strengthen your security.

Imagine if your #WooCommerce store were hacked. It's a dreadful thought, we know, but it can happen. 😱

Don't panic, though. Lana has prepared a 10-step guide to help you restore your site. πŸ’ͺ

patchstack.com/articles/yo...

1 year ago 0 0 0 0
Preview
Virtual Patches vs. Hackers: Q4 2024’s Most Exploited WordPress Threats Discover how virtual patches (vPatches) provide immediate security for WordPress sites, protecting against vulnerabilities in plugins and themes while awaiting official updates. Learn how to safeguard your website from cyber threats.

Our researcher, Edouard, shares fascinating insights about the most exploited WordPress threats in Q4. πŸ•΅οΈβ€β™‚οΈ

He also provides in-depth examples of how virtual patches work to protect against vulnerabilities. πŸ’»

patchstack.com/articles/q4...

1 year ago 0 0 0 0
Post image

πŸŽ… revisited Patchstack HQ. He needs you to find more difficult vulns in #WordPress plugins and themes.

πŸ“… When: 17-23 Dec
πŸ›‘οΈ What: SQLi, PHP Object Injection, Insecure Deserialization
πŸ“Š CVSS: 7.0+
πŸ“ˆ Installs: 50+
🎁 $4700 bounty pool

Learn more at patchstack.com/bug-bounty/

1 year ago 1 0 0 0
Preview
Multiple Critical Vulnerabilities Patched in Woffice Theme - Patchstack Critical vulnerabilities in the Woffice WordPress theme have been patched in version 5.4.15. Update now to secure your site and learn how Patchstack keeps WordPress users protected.

We released an advisory about Multiple Critical Vulnerabilities Patched in the Woffice Theme. πŸ”’

If you use it, update it to version 5.4.15+. ⬆️

You're also protected from this vuln if you are a paid Patchstack user. πŸ’ͺ

patchstack.com/articles/mu...

1 year ago 0 0 0 0
Post image

πŸŽ… visited Patchstack and has a quest for you to find vulns in #WordPress plugins and themes.

πŸ“… When: 10-17 Dec
πŸ›‘οΈ What: XSS, CSRF, Arbitrary file download, privilege escalation, or sensitive data exposure
πŸ“Š CVSS: 6.4+
πŸ“ˆ Installs: 50+

Learn more at patchstack.com/bug-bounty/

1 year ago 1 1 0 0
Preview
Privilage Escalation Vulnerability Patched in Sweet Date Theme Learn about the critical security vulnerabilities in the Sweet Date WordPress theme. Update to version 3.8.0 or higher to protect your site from unauthorized access and potential takeovers.

We just released an advisory about an unauthenticated Privilege Escalation Vulnerability #vulnerability in Sweet Date Theme 🚨

If you use it, update it to version 3.8.0+ if possible ⬆️

You're also protected from this vuln if you are a paid Patchstack user πŸ’ͺ

patchstack.com/articles/un...

1 year ago 0 0 0 0
Preview
Authenticated RCE Patched in Rank Math SEO plugin - Patchstack Rank Math SEO plugin users: Update to version 1.0.232 or later to patch a critical .htaccess overwrite vulnerability. Learn how Patchstack protects your WordPress site from such risks.

Authenticated RCE Patched in Rank Math SEO plugin

patchstack.com/articles/authenticated-r...

1 year ago 0 0 0 0
Advertisement
Post image

We just released an advisory about an authenticated RCE #vulnerability in Rank Math SEO plugin πŸ’»

If you use this plugin, please update it to version 1.0.232 or later. πŸ”§

You're also protected from this vuln if you are a paid Patchstack user. πŸ”’

Link in the comment below πŸ‘‡

1 year ago 1 2 1 0
Post image

We just launched a Black Friday special #bounty event πŸ›’

πŸ“… When: 26 Nov to 08 Dev
πŸ›οΈ What: WooCommerce and alternatives, payment gateways, and plugins extending eCommerce functionality
πŸ”’ CVSS: 6.4+
πŸ“ˆ Installs: 50+ active installs

Learn more https://patchstack.com/bug-bounty/

1 year ago 2 1 0 0
Preview
Unauthenticated Arbitrary File Read Vulnerability in Jobify Theme - Patchstack This blog post is about an unauthenticated arbitrary file read vulnerability on the Jobify theme. If you're a Jobify user, please delete or deactivate the theme until the patch is released by the vend...

We have just released an advisory about the Unauthenticated Arbitrary File Read Vulnerability in the Jobify Theme. πŸ”’

Unfortunately, this vulnerability is still unpatched. 😞

However, all paid Patchstack users are protected from this vuln. βœ…

patchstack.com/articles/una...

1 year ago 1 1 0 0
Patchstack CTF

Does anyone want to spend Friday having lots of fun? Here's your chance - ctf.patchstack.com, #CTF challenge organized by @patchstack.com, but all challenges are made by the Patchstack Alliance community of #ethical #hackers, #security #researchers, and #developers 🀩 Of course, there are prizes! πŸ€‘

1 year ago 1 2 0 0
Post image

Howdy 🀠

At High Noon (GMT) we're starting a Capture The Flag Event at @patchstack.com

In the bank, the sheriff holds some great prizes πŸ’° for the fastest hackers:

First place - $1000
Second place - $600
Third place - $400

To participate register at ctf.patchstack.com

Good luck 😊

1 year ago 3 1 0 0
Post image

We are proud sponsors of #WordCamp #Wroclaw πŸ‡΅πŸ‡±πŸ’ͺ

Make sure to say "czeΕ›Δ‡" to @maciekpalmowski.dev. Catch his talk on security this Saturday, and snag some cool Patchstack swag while you're at it! πŸ›‘οΈπŸŽ€

Do zobaczenia πŸ™‚

1 year ago 3 1 0 0
Preview
Handling plugin security: Interview with LiteSpeed Cache's Hai Zhang - Patchstack Today we present an interview with Hai Zheng. Hai works at LiteSpeed Technologies and is a man who chases better code and products tirelessly, so before he knew it, he just happened to learn PHP, JS, ...

Check out our latest interview with Hai Zhang from @litespeedtech.bsky.social 🎀

You've likely heard about the recent vulnerabilities in their #WordPress Plugin. πŸ”“

Hai dives into how they swiftly tackled these issues and the significance of joining an mVDP. πŸš€

patchstack.com/articles/han...

1 year ago 1 1 0 1