WordPress Security Blog
Weekly vulnerability reports, security tips, and WordPress security news to keep your site safe.
WordPress Vulnerability Report: May 17 – May 24, 2026
81 WordPress vulnerabilities disclosed between May 17 – May 24, 2026. 8 critical, 20 high severity. 2 patched, 79 unpatched.
WordPress Vulnerability Report: May 9 – May 16, 2026
104 WordPress vulnerabilities disclosed between May 9 – May 16, 2026. 6 critical, 23 high severity. 1 patched, 103 unpatched.
WordPress Vulnerability Report: May 1 – May 8, 2026
96 WordPress vulnerabilities disclosed between May 1 – May 8, 2026. 6 critical, 35 high severity. 1 patched, 95 unpatched.
WordPress 7.0 “Armstrong”
Explore AI abilities directly in your website, all managed from a central hub. Slide seamlessly through the sleek, new admin theme implemented across the dashboard.
WordPress 7.0 Release Candidate 4
The fourth Release Candidate (“RC4”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is under development.
WordPress 7.0 Release Candidate 3
The third Release Candidate (“RC3”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is under development.
WordPress Vulnerability Report: April 15 – April 16, 2026
24 WordPress vulnerabilities disclosed between April 15 – April 16, 2026. 2 critical, 4 high severity. 0 patched, 24 unpatched.
WordPress Vulnerability Report: April 8 – April 15, 2026
106 WordPress vulnerabilities disclosed between April 8 – April 15, 2026. 6 critical, 18 high severity. 0 patched, 106 unpatched.
WordPress Vulnerability Report: April 1 – April 8, 2026
40 WordPress vulnerabilities disclosed between April 1 – April 8, 2026. 2 critical, 12 high severity. 0 patched, 40 unpatched.
WordPress 7.0 Release Candidate 2
The second Release Candidate (“RC2”) for WordPress 7.0 is ready for download and testing! This version of the WordPress software is under development.