Unpatched Account Takeover Vulnerability in PayU CommercePro Plugin
The TI WooCommerce Wishlist plugin, with over 100,000 active installs, is vulnerable to an unauthenticated file upload vulnerability (CVE-2025-47577).
Today, we are super excited to launch the new version of the Patchstack mVDP platform, which now comes with an AI-based code review tool, team management features and a discussion board that helps plugin developers improve their code faster. With more and more software being generated by AI, we are witnessing a significant increase in […]
This blog post is about the RomethemeKit For Elementor plugin vulnerability. If you’re a RomethemeKit For Elementor user, please update the plugin to at least version 1.5.5. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, we have security audit […]
If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. Vulnerability Information On April 10, 2025, a critical vulnerability in the WordPress plugin SureTriggers (version 1.0.78 and below) was identified and published. This flaw allows unauthenticated attackers to create administrative user accounts on vulnerable […]
WordPress, powering over 40% of websites, is a prime target for cyberattacks. Virtual patches (vPatches) provide immediate protection against vulnerabilities in plugins and themes, ensuring site security while awaiting official fixes.
This blog post is about the WP Ghost plugin vulnerability. If you’re a WP Ghost user, please update the plugin to at least version 5.4.02. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, we have security audit services and […]
This blog post discusses the findings on the Chaty Pro plugin. This vulnerability is fixed in version 3.3.4 and the vulnerable function didn’t exist in the free version (Chaty) of the plugin. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin […]
This blog post is about the Essential Addons for Elementor plugin vulnerability. If you’re an Essential Addons for Elementor user, please update the plugin to at least version 6.0.15. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin developers, we have […]
This blog post is about the K Elements plugin vulnerability. If you’re a KLEO theme user who is using the K Elements plugin, please update the plugin to at least version 5.4.0. If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from you. For plugin […]