-
Patchstack Becomes Top CVE Coordinator, Surpassing Microsoft in Reported Vulnerabilities
WordPress security company leads the pack in 2025 CVE assignments and overall totals, driven by plugin ecosystem scale, ethical hackers, and upcoming EU regulations.
·
-
Patchstack Whitepaper: WordPress Plugin Vulnerabilities Rise by 34% as CRA Compliance Deadline Nears
Patchstack’s 2025 WordPress Security report reveals increased vulnerabilities, inadequate developer responses, and highlights the need for improved security practices before the Cyber Resilience Act.
·
-
ACF patches vulnerability following Automattic disclosure misstep
ACF developers at WP Engine have patched a vulnerability affecting both the free and Pro versions of the popular plugin after Automattic broke with established security reporting practices and disclosed the issue on X. ACF 6.3.8 patches an arbitrary code execution vulnerability involving Post Type and Taxonomy metabox callbacks where a user with ACF admin…
·
