Blog

If you are a Patchstack customer, you are protected from this vulnerability already, and no further action is required from [...]

WP Ghost Local File Inclusion to RCE This blog post is about the WP Ghost plugin vulnerability. If you’re a [...]

Chaty Pro Unauthenticated Arbitrary File Upload This blog post discusses about the findings on the Chaty Pro plugin. This vulnerability [...]

Essential Addons for Elementor Reflected Cross Site Scripting This blog post is about the Essential Addons for Elementor plugin vulnerability. [...]

K Elements Privilege Escalation This blog post is about the K Elements plugin vulnerability. If you’re a KLEO theme user [...]

Admin and Site Enhancements (ASE) Privilege Escalation Admin and Site Enhancements (ASE) Pro Privilege Escalation This blog post is about [...]

Better Find and Replace Privilege Escalation Vulnerability This blog post is about the Better Find and Replace plugin vulnerability. If [...]

Easy Real Estate Plugin Unauthenticated Privilege Escalation This blog post discusses about the findings on the RealHome theme and the [...]

GiveWP Unauthenticated PHP Object Injection The vulnerability in the GiveWP plugin was originally reported by Patchstack Alliance community member Edisc [...]

Fancy Product Designer Unauthenticated Arbitrary File Upload Fancy Product Designer Unauthenticated SQL Injection This blog post is about Fancy Product [...]

WPLMS Unauthenticated Arbitrary File Upload WPLMS Subscriber+ Arbitrary File Upload WPLMS Sutedent+ Arbitrary File Upload WPLMS Unauthenticated Privilege Escalation WPLMS [...]

Woffice Theme Unauthenticated Privilege Escalation Woffice Theme Unauthenticated Broken Authentication This blog post is about the Woffice theme vulnerabilities. If [...]