Is WordPress core not being secure just a perception issue, or is there more that needs to be done?
WordPress Perceived as Not Being Secure
Joost de Valk @ progressplanner.com • 1 week ago
About WordPress Security
Oliver Sild @ youtube.com • 1 month ago
This is a good discussion about WordPress security with Mario Peshev and Oliver Sild. It is a wide-ranging discussion.
Advanced Access Monitor Audit
Vasyl Martyniuk @ aamportal.com • 2 months ago
Advanced Access Monitor is a security focused plugin that has a pretty robust free version. The free version has an audit feature that checks a number of areas to see that they are locked down and in line with best practices. This article outlines the audit feature.
Number of Unpatched Vulnerability Increasing?
Sarah Ulmer @ solidwp.com • 2 months ago
It seems like the number of unpatched vulnerabilities is increasing. If that is correct it is not a good trend.
State of WordPress security 2025
Oliver Sid @ patchstack.como • 3 months ago
Patchstack has released their annual State of WordPress security report.
Patchstack Runs Hacker Challenge
Oliver Sid @ patchstack.com • 3 months ago
If you are going to be at WordCamp Asia, Patchstack is running a “Capture the Flag” hacker challenge. They already have over 100 people signed up.
Studying the OWASP Top Ten
Eric Burel @ smashingmagazine.com • 3 months ago
For developers, this article looks at the OWASP told ten vulnerabilities list, so hopefully you can recognize and avoid them in your code.
WordPress to Change to Using Bcrypt
John Blackbourn @ make.wordpress.org • 4 months ago
Coming in WordPress 6.8 – The algorithm used for passwords is changing from phppass portable hashing to bcrypt.
WooCommerce Data Hoovering Revealed
Sybre Waaijer @ x.com • 5 months ago
There is too much bad stuff going around about WordPress, but more keeps leaking out. Here is a thread on X that shows the data collected by WooCommerce … the extent of which is way over the top