Erik Kraijenoord On February 4th, 2026, we received a submission for an SQL Injection vulnerability in Ally, a WordPress plugin estimated to have more than 400,000 active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password hashes. Props to Drew Webber (mcdruid) who discovered and responsibly reported this vulnerability through … Read more
WordPress 6.9.2 is now available! This is a security release that features several fixes. Because this is a security release, it is recommended that you update your sites immediately. You can download WordPress 6.9.2 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and then click “Update Now”. If you have sites that support automatic … Read more
Triple Threat Bug Bounty Challenge Hunt High Threat vulnerabilities and earn triple the incentives! Now through April 6, 2026, earn three stacked bonuses on all valid submissions from our ‘High Threat Vulnerabilities’ list: 2x all high threat vulnerability bounties (excluding 5,000,000+ installs) +30% bonus for high threat vulnerabilities in software with 30,000+ active installs (excluding … Read more
WordPress 7.0 Beta 3 is available for download and testing! This beta version of the WordPress software is still under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, you should evaluate Beta 3 on a test server and site.WordPress 7.0 Beta 3 can be tested … Read more
Starting a dropshipping business? Your most important task is picking great products. See our top picks and learn how to get started.
