Clik here to view.
Patching an XSS Security Bug in "add-comments" Plugin
Accepting your mistakes. The human experience is full of mistakes, failures, and folly. I would say this is "the truth" but this statement itself may be wrong, and I accept that .. but I'm saying this...
View ArticleClik here to view.
Patchstack Weekly #53: Security Best Practice - Rotate Your Passwords
Welcome to the Patchstack Weekly Security Update, Episode 53! This update is for the first week of 2023. I will start by wishing you a Happy New Year - and thank you for listening/reading! 2023's...
View ArticlePatchstack Weekly #54: How To Make Sure Your Sites Are Running Safe WordPress...
Welcome to the Patchstack Weekly Security Update, Episode 54! This update is for week 2 of 2023. This week's knowledge share will continue the trend of new years resolutions. I am honored to share...
View ArticleClik here to view.
Patchstack Weekly #55: How To Choose a Secure Web Hosting Provider?
In the dynamic world of web hosting, the foundation of your WordPress website's security lies in the choice of your hosting provider. When it comes to your WordPress site, security isn't merely an...
View ArticleClik here to view.
Patchstack Weekly #56: How Can Developers Prove Their Plugins Are Secure?
Welcome to the Patchstack Weekly Security Update, Episode 56! This update is for week 4 of 2023. This week's knowledge share is for developers and site owners alike. I will be discussing how open...
View ArticleClik here to view.
Solving Unpredictable WP-Cron Problems, Addressing CVE-2023-22622
Introduction This article will introduce concepts about how computers schedule tasks with cron and how WordPress's cron implementation "WP-Cron" works more like a queue instead of a scheduler. I will...
View ArticleClik here to view.
Patchstack Weekly #58: Do You Need security.txt?
Welcome to the Patchstack Weekly Security Update, Episode 58! This update is for week 6 of 2023. It is the start of February. This week, I learned a fun fact about something security related...
View ArticleClik here to view.
Patchstack Weekly #59: Do You Need Virtual Patches?
Welcome to the Patchstack Weekly Security Update, Episode 59! This update is for week 7 of 2023. This week's knowledge share will be about virtual patching. I will explain how it works, why vPatching...
View ArticlePatchstack Weekly #60: Should You Convert WordPress To a Static Site?
Welcome to the Patchstack Weekly Security Update, Episode 60! This update is for week 8 of 2023. This week's news is about static sites and security. Did you know with the right plugin WordPress can...
View ArticleClik here to view.
Patchstack Weekly #61: Should you use WordPress As a Headless CMS?
Welcome to the Patchstack Weekly Security Update, Episode 61. This is update is for week 9 of 2023. In last week's knowledge share, I talked about static sites, I mentioned headless CMS being...
View ArticleClik here to view.
Patching a Stored XSS Bug In the "tinymce-custom-styles" Plugin
Welcome back to Patchstack's "Last Patch". This is a special episode, normally these blog posts are lessons in defensive coding tactics using a plugin that has already been disabled due to...
View ArticleClik here to view.
Patchstack Weekly #62: The Patchstack State of WordPress Security Report
Welcome to the Patchstack Weekly Security Update, Episode 62! This update is for week 11 of 2023. In this week's knowledge share, I will be sharing a review of Patchstack's annual 'State of WordPress...
View ArticleClik here to view.
Patchstack Weekly #63: How To Spot Potentially Abandoned Plugins in Your...
Welcome to the Patchstack Weekly Security Update, Episode 63! This update is for week 12 of 2023 and talks about how to spot abandoned plugins in your WordPress site. This week's news is about how to...
View ArticleClik here to view.
Patchstack Weekly #64: Understanding Security Bug Severity
Welcome to the Patchstack Weekly Security Update, Episode 64! This update is for week 13 of 2023. This week's news is about understanding security bug severity, and how not all security bugs are...
View ArticleWordPress Source Code Exposed Online
Early this morning the WordPress source code was found exposed online. The most popular, widest used, and massively successful web application project WordPress, that powers more websites than any...
View ArticlePatchstack Weekly #65: The One Serious Vulnerability Open-Source Doesn't Have...
Welcome to the Patchstack Weekly Security Update, Episode 65! This update is for week 14 of 2023. This week's knowledge share is all about how a serious security risk closed source software faces,...
View ArticleClik here to view.
Patchstack Weekly #66: How To Secure Your Code Against Insecure Inclusion Bugs
Welcome to the Patchstack Weekly Security Update, Episode 66! This update is for week 15 of 2023. This week's knowledge share is about a rare but serious security bug that can be found in any PHP...
View ArticleWhat Is An Open-Source Fork And How To Secure it?
This article explains what an open-source fork is and how to ensure the security of forked open-source projects. Forking a project allows anyone to take ownership of an open-source project and lead it...
View Article
