Welcome to BlogSafe.org
BlogSafe.org is a WordPress security research and plugin development group. Our goal is to provide fast and reliable security tools to the WordPress community. We are currently striving toward non-profit status. Your contribution toward our premium plugins will help us achieve that goal.
BlogSafe Scanner Plus is a WordPress plugin that’s designed to be an extremely fast and lightweight checksum scanner that will help you detect potentially malicious files.
While most WordPress plugins that track user stats are designed to see where traffic on your website is going. BlogSafe Honeypot tracks where visitors WANT to go.
LoginSafe is both a captcha plugin and a captcha server. Designed to work with the WordPress login, it adds another layer of security to WordPress Sites.
Recent WordPress Vulnerabilities
The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the ~/include/models/model.php file which allowed...
Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin (versions <= 5.2.6).
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such...
The WHMCS Bridge WordPress plugin is vulnerable to Stored Cross-Site Scripting via the cc_whmcs_bridge_url parameter found in the ~/whmcs-bridge/bridge_cp.php file which allows attackers to inject...
The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the...
The User Registration, Login & Landing Pages WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the loader_text parameter found in the...