Welcome to BlogSafe.org

BlogSafe.org is a WordPress security research and plugin development group. Our goal is to provide fast and reliable security tools to the WordPress community. We are currently striving toward non-profit status. Your contribution toward our premium plugins will help us achieve that goal.

BlogSafe Scanner Plus is a WordPress plugin that’s designed to be an extremely fast and lightweight checksum scanner that will help you detect potentially malicious files.

Read more about it here!

While most WordPress plugins that track user stats are designed to see where traffic on your website is going. BlogSafe Honeypot tracks where visitors WANT to go.

Read more about it here!

LoginSafe is both a captcha plugin and a captcha server. Designed to work with the WordPress login, it adds another layer of security to WordPress Sites.

Read more about it here!

Recent WordPress Vulnerabilities



Contact Form Submissions

Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high...



Disable Right Click For Wp

Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress.



Wp Slider

Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.



Png To Jpg

Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality.



Cpt Base

Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base.



Counter Box

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress.