Here is a tutorial on using the WP-CLi. It has a focus on some of the security related tasks available.
Site Security with WP-CLi
Milana Cap @ developer.wordpress.org • 6 months ago
Patchstack VDP Announced for WordPress Developers
Oliver Sid @ patchstack.com • 6 months ago
Patchstack announces a free Vulnerability Disclosure Platform for WordPress developers to help them manage disclosures. This will help developers comply with the upcoming EU Cyber Resilience Act.
Interview with John Blackbourn
Maciek Palmowski @ patchstack.com • 6 months ago
Here is a great interview with John Blackbourn, who is a member of the WordPress security team.
Critical Vulnerability in WPML
István Márton @ wordfence.com • 7 months ago
It has a CVSS Score of 9.9. It seemed that the Wordfence team had a hard time getting a response from On the Go.
Patchstack Academy Launched
Maciek Palmowski @ patchstack.com • 7 months ago
Patchstack has started a Patchstack academy resource hub for learning about ethical hacking and security you code.
Security Implications of Incorrect PHP Configuration
Vladimir Smitka @ smitka.me • 8 months ago
Vladimír Smitka continues his security testing and education series related to hosting providers, this time looking at PHP configuration issues. Well worth the time to read.
Password Reset Required for Plugin Authors
Francisco Torres @ make.wordpress.org • 9 months ago
The Plugin Review team has reset the passwords for plugin authors. It appears some recent plugin vulnerabilities may have been the result of password reuse.
Hosting and Server Misconfiguration Issues
Vladimir Smitka @ smitka.me • 9 months ago
Here is another installment in Vladimir Smitka’s series about security and hosting providers. An interesting read.
WordPress 6.5.5 Security Release
• 9 months ago
This updates fixes two cross-site-scripting vulnerabilities and a path traversal issue.