Since our last report, 151 new vulnerabilities have been publicly disclosed1, including 7 in WordPress core patched in the WordPress 6.3.2 update. Security patches for 66 plugins and 2 themes are available now, so run those updates as soon as possible. If you�re a Solid Security Pro user, the version management tool may have already warned you and updated these plugins, depending on your settings.
Additionally, there are 76 plugin vulnerabilities with no patch available yet. If you�re a Solid Security Pro user, those vulnerabilities are already protected by the Solid Security firewall with virtual patches from Patchstack. If no patch is forthcoming from the vendor or the vulnerable software has been marked �closed� and dropped from the official WordPress repositories, you should deactivate it soon and look for alternative solutions.
WordPress Plugin Vulnerabilities � 66 Patched / 76 Unpatched
Along with poor user account security, vulnerable plugins and themes are why WordPress websites get hacked. Our weekly WordPress Vulnerability Report�powered by Patchstack�covers the latest WordPress plugin, theme, and core vulnerabilities to emerge. Each vulnerability will have a severity rating of�Low,�Medium,�High, or�Critical. Responsible disclosure of vulnerabilities is essential to keeping the WordPress community safe. Please share this report to help spread the word and make WordPress � and 40% of the web � more secure.