Website Security News
Read the latest vulnerability disclosures affecting server applications and content management systems like WordPress, Joomla, Drupal, and Magento. Learn about major vulnerabilities in popular plugins and extensions, and how to mitigate zero-day vulnerabilities so you can prevent website hacks.
You can learn more about how we score vulnerabilities in WordPress and other platforms using the DREAD score.
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important…
Read More about WordPress Vulnerability & Patch Roundup September 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…
Read More about WordPress Vulnerabilities & Patch Roundup — August 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…
Read More about WordPress Vulnerabilities & Patch Roundup — July 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…
Read More about WordPress Vulnerabilities & Patch Roundup — June 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. We’ve compiled…
Read More about WordPress Vulnerabilities & Patch Round-up — May 2022
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help…
Read More about WordPress Vulnerabilities & Patch Roundup — April 2022
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was released for the Elementor plugin…
Read More about Critical RCE Vulnerability in Elementor WordPress Plugin
On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked as CVE-2022-24086 with a CVSS…
Read More about Adobe Patches Critical RCE Vulnerability in Magento2
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 / 7.7 Vulnerability: Privilege Escalation, SQL Injection Patched Version: 4.1.5.3 Last week, security researcher at Automattic Marc Montpas recently discovered two…
A critical server security vulnerability in the Java logging library Log4j is taking the internet by storm because code to actively exploit this vulnerability is already widely distributed across the…
Read More about Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants
Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of 18 security vulnerabilities patched according…
Read More about Adobe Patches Critical Magento Vulnerabilities in Recent Update
