Patchstack has started a Patchstack academy resource hub for learning about ethical hacking and security you code.
Patchstack Academy Launched
Maciek Palmowski @ patchstack.com • 1 year ago
Security Implications of Incorrect PHP Configuration
Vladimir Smitka @ smitka.me • 1 year ago
Vladimír Smitka continues his security testing and education series related to hosting providers, this time looking at PHP configuration issues. Well worth the time to read.
Password Reset Required for Plugin Authors
Francisco Torres @ make.wordpress.org • 1 year ago
The Plugin Review team has reset the passwords for plugin authors. It appears some recent plugin vulnerabilities may have been the result of password reuse.
Hosting and Server Misconfiguration Issues
Vladimir Smitka @ smitka.me • 1 year ago
Here is another installment in Vladimir Smitka’s series about security and hosting providers. An interesting read.
WordPress 6.5.5 Security Release
• 1 year ago
This updates fixes two cross-site-scripting vulnerabilities and a path traversal issue.
ACF Security Update 6.3.2
Liam Gladdy @ advancedcustomfields.com • 1 year ago
This update includes a fair number of security fixes found as the result of an external security audit. Kudos to the ACF team for having an external audit.
WooCommerce Security Alert
Jacklyn bBiggin @ developer.woocommerce.com • 1 year ago
WooCommerce XSS vulnerability notice. It has been patched, so there is an update available.
Testing FlwyWP and Enhance Cloud Management Panels
Vladimír Smitka @ smitka.me • 1 year ago
Here is part two of Vladimír Smitka’s series where he tested various Cloud panels for managing VPS. In this installment he looks at Enhance and FlyWP, which use Docker containers, and explains why they weren’t secure and explores some of the possible fixes.
Step by Step Guide to Cleaning a Hacked Site
Alexis Bryan @ solidwp.com • 1 year ago
Here’s a tutorial on how to clean a hacked site.