WordPress security advisories, audit and assurance

We undertake a significant quantity of assurance work, to ensure that the sites we build and the plugins they rely on are secure. We publish information about that work on this site.

Recent plugin recommendations

Embed Plus for YouTube Gallery, Livestream and Lazy Loading with Facades

A multi-featured plugin to embed YouTube in WordPress. Use this plugin to embed and customize a YouTube gallery (channel or playlist), YouTube livestream (and premiere), YouTube short, or standard YouTube video. This plugin for YouTube can be customized in a wide variety of ways. The plugin also focuses on performance with the ability to lazy load with a facade and defer JavaScript while serving minified CSS and JavaScript. Here are a few recently added features to all versions (free and Pro) of this plugin:

14.2.2 - Potentially unsafe

Splide Carousel Block

The Splide Carousel block introduces the capability to create carousels/sliders within the block editor. Each carousel may contain an infinite number of slides, with each slides containing their own inner blocks.

1.5.0 - No issues found

PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes

PublishPress Revisions is the ultimate tool for making content changes. Users get a safe space to work on content updates. When the changes are ready, they can ask for approval to publish the update. Administrators can approve or reject the changes. They can also schedule them to go live in the future.

3.5.11 - No issues found

All plugin recommendations

Recent advisories

All advisories