Welcome to BlogSafe.org

BlogSafe.org is a WordPress security research and plugin development group. Our goal is to provide fast and reliable security tools to the WordPress community. We are currently striving toward non-profit status. Your contribution toward our premium plugins will help us achieve that goal.

BlogSafe Scanner Plus is a WordPress plugin that’s designed to be an extremely fast and lightweight checksum scanner that will help you detect potentially malicious files.

Read more about it here!

While most WordPress plugins that track user stats are designed to see where traffic on your website is going. BlogSafe Honeypot tracks where visitors WANT to go.

Read more about it here!

LoginSafe is both a captcha plugin and a captcha server. Designed to work with the WordPress login, it adds another layer of security to WordPress Sites.

Read more about it here!

Recent WordPress Vulnerabilities

03/2021

CVE-2021-24125

Contact Form Submissions

Unvalidated input in the Contact Form Submissions WordPress plugin before 1.7.1, could lead to SQL injection in the wpcf7_contact_form GET parameter when submitting a filter request as a high...

05/2022

CVE-2022-29427

Disable Right Click For Wp

Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress.

05/2022

CVE-2022-29428

Wp Slider

Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.

05/2022

CVE-2022-29430

Png To Jpg

Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality.

05/2022

CVE-2022-29431

Cpt Base

Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base.

05/2022

CVE-2022-29446

Counter Box

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress.