Changeset 3356031

Timestamp:

09/04/2025 12:02:52 PM (6 months ago)

Author:

patchstack

Message:

Tag new version

Location:

patchstack

Files:

• assets/screenshot-1.jpg (deleted)
• assets/screenshot-1.png (added)
• assets/screenshot-2.jpg (deleted)
• assets/screenshot-2.png (added)
• assets/screenshot-3.jpg (deleted)
• assets/screenshot-3.png (added)
• assets/screenshot-4.jpg (deleted)
• assets/screenshot-4.png (added)
• assets/screenshot-5.jpg (deleted)
• trunk/includes/admin/options.php (modified) (2 diffs)
• trunk/includes/hardening.php (modified) (2 diffs)
• trunk/includes/login.php (modified) (2 diffs)
• trunk/includes/views/pages/settings.php (modified) (1 diff)
• trunk/lib/GeoLite2-Country.mmdb (deleted)
• trunk/lib/geoip2-php (deleted)
• trunk/patchstack.php (modified) (2 diffs)
• trunk/readme.txt (modified) (1 diff)

patchstack/trunk/includes/admin/options.php

@@ -82 +82 @@
         'patchstack_add_security_headers'               => ['default' => 1, 'autoload' => 'yes'],
         'patchstack_ip_block_list'                      => ['default' => '', 'autoload' => 'yes'],
-        'patchstack_geo_block_enabled'                  => ['default' => 0, 'autoload' => 'yes'],
-        'patchstack_geo_block_inverse'                  => ['default' => 0, 'autoload' => 'yes'],
-        'patchstack_geo_block_countries'                => ['default' => [], 'autoload' => 'yes'],
 
         // Login and firewall brute force options.
@@ -94 +91 @@
         'patchstack_autoblock_minutes'                  => ['default' => 1, 'autoload' => 'yes'],
         'patchstack_autoblock_blocktime'                => ['default' => 1, 'autoload' => 'yes'],
-        'patchstack_login_time_block'                   => ['default' => 0, 'autoload' => 'no'],
-        'patchstack_login_time_start'                   => ['default' => '00:00', 'autoload' => 'no'],
-        'patchstack_login_time_end'                     => ['default' => '23:59', 'autoload' => 'no'],
         'patchstack_login_2fa'                          => ['default' => 0, 'autoload' => 'yes'],
         'patchstack_login_whitelist'                    => ['default' => '', 'autoload' => 'no'],

patchstack/trunk/includes/hardening.php

@@ -35 +35 @@
         // Set security headers
         add_filter( 'wp_headers', [ $this, 'set_security_headers' ], 10, 1 );
-
-        // When country blocking is set.
-        if ( $this->get_option( 'patchstack_geo_block_enabled', false ) && ! empty( $this->get_option( 'patchstack_geo_block_countries', [] ) ) ) {
-            add_action( 'init', array( $this, 'geo_block_check' ), ~PHP_INT_MAX );
-        }
 
         // Apply comment captcha?
@@ -136 +131 @@
         // Resend the sofware data to the API.
         do_action( 'patchstack_send_software_data' );
-    }
-
-    /**
-     * Determine the country of the user and if we should block the user.
-     *
-     * @return void
-     */
-    public function geo_block_check() {
-        $countries = $this->get_option( 'patchstack_geo_block_countries', [] );
-        $ip        = $this->get_ip();
-
-        // Don't block Patchstack.
-        if ( ( isset( $_POST['patchstack_secret'] ) && $this->plugin->listener->verifyToken( $_POST['patchstack_secret'] ) ) || isset( $_POST['patchstack_ott_action'] )) {
-
-            // OTT action.
-            if ( isset( $_POST['patchstack_ott_action'] ) ) {
-                $ott = get_option( 'patchstack_ott_action', '' );
-                if ( ! empty( $ott ) && hash_equals( $ott, $_POST['patchstack_ott_action'] ) ) {
-                    return;
-                }
-            } else {
-                return;
-            }
-        }
-
-        // Load the required libraries.
-        try {
-            require_once __DIR__ . '/../lib/geoip2-php/autoload.php';
-            $reader = new GeoIp2\Database\Reader( __DIR__ . '/../lib/GeoLite2-Country.mmdb' );
-            $record = $reader->country( $ip );
-
-            // Determine if we want to do an inverse check or not.
-            $match = in_array( $record->country->isoCode, $countries );
-            $match = $this->get_option( 'patchstack_geo_block_inverse', false ) ? ! $match : $match;
-
-            // Check if there's a match.
-            if ( $match ) {
-                $this->plugin->firewall_base->display_error_page( 23 );
-            }
-        } catch ( \Exception $e ) {
-        }
     }
 

patchstack/trunk/includes/login.php

@@ -33 +33 @@
         add_action( 'login_init', [ $this, 'add_captcha' ] );
         add_action( 'login_init', [ $this, 'check_ipban' ] );
-        add_action( 'login_init', [ $this, 'check_logonhours' ] );
         add_action( 'login_head', [ $this, 'add_captcha' ] );
         add_action( 'login_enqueue_scripts', [ $this, 'login_enqueue_scripts' ], 1 );
@@ -284 +283 @@
         if ( $num >= $this->get_option( 'patchstack_anti_bruteforce_attempts', 10 ) ) {
             $this->plugin->firewall_base->display_error_page( 24 );
-        }
-    }
-
-    /**
-     * If logon hours are set, check the current time and allow or disallow the user
-     * to login depending on the settings.
-     *
-     * @return void
-     */
-    public function check_logonhours() {
-        if ( ! $this->get_option( 'patchstack_login_time_block', 0 ) || is_user_logged_in() || $this->get_option( 'patchstack_login_time_start', '00:00' ) == $this->get_option( 'patchstack_login_time_end', '23:59' ) ) {
-            return;
-        }
-        $block = true;
-
-        // Current time.
-        $hour          = current_time( 'G' );
-        $min           = current_time( 'i' );
-        $stamp_current = current_time( 'U' );
-
-        // Get time start.
-        $start = explode( ':', str_replace( '00', '0', $this->get_option( 'patchstack_login_time_start', '00:00' ) ) );
-        if ( count( $start ) != 2 ) {
-            return;
-        }
-        $stamp_start = strtotime( current_time( 'Y-m-d' ) . ' ' . $this->get_option( 'patchstack_login_time_start', '00:00' ) . ':00' );
-        $start[0]    = (int) $start[0];
-        $start[1]    = (int) $start[1];
-
-        // Get time end.
-        $end = explode( ':', str_replace( '00', '0', $this->get_option( 'patchstack_login_time_end', '23:59' ) ) );
-        if ( count( $end ) != 2 ) {
-            return;
-        }
-        $stamp_end = strtotime( current_time( 'Y-m-d' ) . ' ' . $this->get_option( 'patchstack_login_time_end', '00:00' ) . ':00' );
-        $end[0]    = (int) $end[0];
-        $end[1]    = (int) $end[1];
-
-        // If begin time is earlier than end time.
-        if ( $start[0] <= $end[0] && $stamp_current >= $stamp_start && $stamp_current <= $stamp_end ) {
-            $block = false;
-        }
-
-        // If begin time is later than end time.
-        if ( $start[0] > $end[0] && ( $hour >= $start[0] || $hour <= $end[0] ) ) {
-            $block = false;
-
-            if ( ( $hour == $start[0] && $min < $start[1] ) || ( $hour == $end[0] && $min > $end[1] ) ) {
-                $block = true;
-            }
-        }
-
-        // Block the user?
-        if ( $block ) {
-            wp_die( esc_attr__( 'Access to the login page has been restricted due to set logon hours.', 'patchstack' ), esc_attr__( 'Login Disallowed', 'patchstack' ) );
         }
     }

patchstack/trunk/includes/views/pages/settings.php

@@ -33 +33 @@
     </div>
 </div>
-
-<script>
-    tippy('[data-tippy-content]', {
-        arrow: false,
-    });
-</script>

patchstack/trunk/patchstack.php

@@ -5 +5 @@
  * Author URI: https://patchstack.com/?utm_medium=wp&utm_source=dashboard&utm_campaign=patchstack%20plugin
  * Description: Patchstack identifies security vulnerabilities in WordPress plugins, themes, and core.
- * Version: 2.3.2
+ * Version: 2.3.3
  * Author: Patchstack
  * License: GPLv3
@@ -60 +60 @@
          * @var string
          */
-        const VERSION = '2.3.2';
+        const VERSION = '2.3.3';
 
         /**

patchstack/trunk/readme.txt

@@ -5 +5 @@
 License URI: https://www.gnu.org/licenses/gpl-3.0.html
 Requires at least: 4.4
-Tested up to: 6.7
-Stable tag: 2.3.2
+Tested up to: 6.8
+Stable tag: 2.3.3
 Requires PHP: 5.6
 
-Patchstack automatically identifies & mitigates security vulnerabilities in WordPress plugins, themes, and core.
+Patchstack automatically identifies and mitigates security vulnerabilities in WordPress plugins, themes, and core.
 
 == Description ==
 
-Patchstack is a powerful tool that helps to identify security vulnerabilities within all your websites' plugins, themes, and WordPress core.
-Patchstack is powered by the WordPress ecosystem's most active community of ethical hackers.
-Patchstack is trusted by the leading WordPress experts such as: Pagely, Cloudways, GridPane, Plesk, and others!
+Patchstack is a powerful tool that helps identify security vulnerabilities within your websites' plugins, themes, and WordPress core. It is powered by the WordPress ecosystem’s most active community of ethical hackers. Patchstack is trusted by leading WordPress experts such as Pagely, Cloudways, GridPane, Plesk, and others!
 
-https://www.youtube.com/watch?v=LL3Yy15rJ3g
+https://www.youtube.com/watch?v=z2nuYpg26Vc
 
-### Why do I need Patchstack Community (*Free) version?*
-* Be the first to know about new vulnerabilities!
-* Save time by monitoring all your websites from a single dashboard.
+Patchstack is a security plugin for WordPress that finds WP core, plugin and theme vulnerabilities in your websites. 
+
+The free version includes up to 48-hour early warning for new vulnerabilities found by our security research community. It also allows you to automatically update vulnerable software, manage updates remotely, and get snapshot reports on your sites’ security status.
+
+The paid version includes automatic vulnerability protection. Patchstack deploys highly targeted rules on a per-site basis, only when a specific vulnerability is detected on a site.
+
+This prevents vulnerable components from being exploited without modifying website code, or impacting site performance or functionality. Patchstack’s paid version includes access to 12,000+ individual protection rules (vPatches).
+
+Patchstack paid version also includes other preventive security features, such as 2 factor authentication, WordPress specific hardening rules, a Community IP blocklist for malicious IP addresses, advanced security settings, and custom protection rules.
+
+### Post-hack cleanups vs attack prevention in WordPress security
+Unlike the standard approach to WordPress security (malware scanning and infection cleanups), Patchstack is focused on preventing infections in the first place.
+
+Thanks to its big WordPress security research community and partnerships with nearly one thousand plugin vendors and developers, Patchstack is regularly among the first to identify new vulnerabilities.
+
+### Who is Patchstack's WordPress security plugin for?
+Patchstack’s vulnerability management works extremely well for:
+
+* Agencies with WordPress care/maintenance plans for their customers’ websites
+* WooCommerce websites to protect their revenue and customers from attacks
+* Hosting companies that want to deliver highly targeted vulnerability protection easily and at scale
+Website owners
+
+You don’t have to be highly technical to use it. Install the plugin, connect it with the Patchstack App, and stay safe!
+
+### What features are included in the Patchstack Personal (Free) plan?
+Patchstack’s Personal plan is a free security service for WordPress that lets you find and manage vulnerabilities in your websites. It includes access to a central security dashboard via the Patchstack web App for more visibility and control over your sites’ security:
+
+* Be the first to know about new vulnerabilities.
 * Receive notifications if any installed plugins or themes have security issues.
-* Get simple actionable suggestions to secure your websites.
-* Spend fewer resources fixing WordPress security issues (avoid expensive clean-ups).
-* Worry less about your website's security and focus on your work.
-
-### What does Patchstack Community (*Free) version include?*
-**Detect security issues before hackers take over your website:**
-
 * Detect the latest security vulnerabilities in WordPress plugins.
 * Detect the latest security vulnerabilities in WordPress themes.
 * Detect the latest security vulnerabilities in WordPress core.
 * Receive real-time alerts via email if any security vulnerabilities are found.
-* Have a central security dashboard for up to 10 (upgradable to 50) websites (via the Patchstack App).
+* Manage core, plugin and theme updates from a single dashboard.
+* [Optional] Enable automatic updates for vulnerable plugins only.
+* Generate snapshot reports about the security status of your website.
+
+### What features do Patchstack paid subscriptions have?
+Patchstack’s paid subscriptions include automatic protection for WordPress vulnerabilities, as well as other protection modules.
+
+* Virtual patching to prevent vulnerable components from being exploited
+* Advanced hardening module for added WordPress security
+* Remote hardening settings (including .httacess, login protection and reCAPTCHA)
+* Community IP Blocklist of known attacker IP addresses
+All of these features are included in the Developer and Enterprise plans. 
+Additionally, Developer and Enterprise plan users have access to custom protection rule creation, periodical security reports and report scheduling.
+
+Personal (Free) plan users can enable these features on a per-site basis for $5 / site per month.
 
 **Important Resources**
 
-* [Support](https://docs.patchstack.com)
-* [Changelog](https://docs.patchstack.com/changelog/plugin-changelog/)
-* [Facebook Community](https://www.facebook.com/groups/patchstackcommunity)
-* [Vulnerability news blog post](https://patchstack.com/articles/wordpress-vulnerability)
-* [Patchstack vulnerability database](https://patchstack.com/database)
+* [Patchstack website](https://patchstack.com)
+* [Help Center](https://docs.patchstack.com)
+* [Changelog](https://docs.patchstack.com/patchstack-plugin/changelog/)
+* [Patchstack Vulnerability Database](https://patchstack.com/database)
 
 **See what our customers say about our paid plans:**
 
-* "Patchstack is awesome. All of my sites are protected by Patchstack and none have ever been hacked. High recommended." - Jose Gil (August 2021)
-* "The only WAF I trust. They are way ahead of the curve providing firewall security for WordPress websites." - Mark Werle (August 2021) 
-* "Love the product! Best decision I made regarding security on my websites!" - Ben Poston (August 2021)
-* "The service here is superb! And they always are right on it with the best solution to solve the problem or question at hand. The tool itself is, well, it speaks for itself. I am very satisfied with this project and the service they offer." - Daniel Canup (March 2021)
+* "An excellent and valuable service that’s backed by a company that contributes a significant number of resources and money directly back to the WordPress ecosystem." – John Blackbourn  
+* "Patchstack is like CrowdStrike, but for websites!" – Ryan McCue, HumanMade  
+* "The service here is superb! And they are always right on it with the best solution to solve the problem or question at hand. The tool itself speaks for itself. I am very satisfied with this project and the service they offer." – Daniel Canup  
+* "This is a security plugin everyone needs to install. The Patchstack team are incredible at what they do. We have been using them for years and have not been disappointed!" – @craniumstudio  
+* "We’ve been with Patchstack for a LONG time (even before they were Patchstack). It has always done its job seamlessly and without fail. Ongoing innovation and updates to the Patchstack product mean this plugin is a winner. 5 stars all the way." – @guapx  
 
-(*Comparisons are done by comparing paid versions)
+(*Comparisons are made by evaluating paid versions.)
 
-Sucuri vs. Patchstack [https://patchstack.com/sucuri-alternative/](https://patchstack.com/sucuri-alternative/)
-Wordfence vs. Patchstack [https://patchstack.com/wordfence-alternative/](https://patchstack.com/wordfence-alternative/)
-Malcare vs. Patchstack [https://patchstack.com/malcare-alternative/](https://patchstack.com/malcare-alternative/)
-Sitelock vs. Patchstack [https://patchstack.com/sitelock-alternative/](https://patchstack.com/sitelock-alternative/)
+[Sucuri vs. Patchstack](https://patchstack.com/sucuri-alternative/)  
+[Wordfence vs. Patchstack](https://patchstack.com/wordfence-alternative/)  
+[Malcare vs. Patchstack](https://patchstack.com/malcare-alternative/)  
+[Sitelock vs. Patchstack](https://patchstack.com/sitelock-alternative/)
 
 == Installation ==
 
-Simply install the Patchstack plugin by searching for "Patchstack" on the plugin management page of WordPress or install the plugin manually by following the steps:
+Simply install the Patchstack plugin by searching for "Patchstack" on the plugin management page of WordPress, or install it manually by following these steps:
 
 1. Download the plugin from the WordPress.org Patchstack plugin download page.
-2. Unzip the .zip file.
+2. Unzip the `.zip` file.
 3. Upload the entire `patchstack` directory to the `/wp-content/plugins/` directory.
-4. Activate Patchstack through the 'Plugins' menu in WordPress and enter your API key.
+4. Activate Patchstack through the "Plugins" menu in WordPress.
 
 == Frequently Asked Questions ==
 
 = What makes plugin vulnerabilities so dangerous? =
-A worrisome website hacking statistic is that well over 90% of WordPress vulnerabilities are related to plugins or themes. One report found that as much as 98% of WordPress vulnerabilities are due to plugins while another study reported that 95% of vulnerabilities were because of plugins and themes.
-To be secure, you should always keep WordPress plugins, themes, and core updated and monitored. Ensure you are always aware of the plugins you’re using on your websites and always remove the ones you are not using.
-When it comes to WordPress security plugins, we first recommend you get a better understanding of the WordPress security ecosystem and how they work.
-Find one that can offer [vPatching](https://patchstack.com/articles/virtual-patching) ([check out Patchstack's features](https://patchstack.com/pricing)).
+A worrisome website hacking statistic is that well over 90% of WordPress vulnerabilities are related to plugins or themes. One report found that up to 98% of WordPress vulnerabilities are due to plugins, while another study reported that 95% were caused by plugins and themes.  
+To stay secure, always keep your WordPress plugins, themes, and core updated and monitored. Be aware of which plugins you’re using and remove any that are no longer needed.  
+When choosing a WordPress security plugin, it's important to understand how the WordPress security ecosystem works.  
+Look for a tool that offers [vPatching](https://patchstack.com/articles/virtual-patching) (see [Patchstack’s features](https://patchstack.com/pricing)).
 
-= How does Patchstack Community (free) version protect sites from vulnerabilities? =
-Patchstack Community (free) version will let you know if you have any vulnerabilities present in the plugins, themes, or WordPress core version that are installed on your site. 
-By staying informed and receiving alerts about vulnerabilities, you can reduce the resources spent on fixing WordPress security issues, avoiding expensive clean-ups in the long run.
+= How does the Patchstack Personal (Free) plan protect sites from vulnerabilities? =
+The Patchstack Personal (Free) plan alerts you if vulnerabilities are present in the plugins, themes, or WordPress core installed on your site.  
+By staying informed, you can reduce the time and resources spent fixing WordPress security issues and avoid costly clean-ups.
 
-= What features does Patchstack Community (free) version include? =
-With Patchstack you will be able to **eliminate security issues before hackers take over your website. You can detect the latest security vulnerabilities in WordPress plugins, themes, and core. You will receive real-time alerts to email or Slack if any security vulnerabilities are found and have a central security overview for up to 10 websites in the Patchstack App.
-Optionally you can also enable vPatch protection against vulnerabilities for $5/month for individual sites. You can also increase your free plan site limit to 50 sites with a volume-upgrade add-on.
+= What features does the Patchstack Personal (Free) plan include? =
+You can detect security vulnerabilities in your WordPress plugins, themes, and core. You’ll receive email notifications if vulnerabilities are found, and access a central security overview for up to 3 websites using the Patchstack App.  
+You can optionally enable vPatching for individual sites for $5/month.
 
-= What features does Patchstack Developer (paid) version include? =
-With Patchstack Developer version you can identify plugin vulnerabilities, receive automatic vPatches to these vulnerabilities, and get detailed reports on your security status. You also get access to additional hardening options, like advanced custom rules and the Community IP blocklist.
+= What features does the Patchstack Developer (Paid) plan include? =
+With the Patchstack Developer plan, you can protect your sites against known plugin and theme vulnerabilities through automatic virtual patches — non-intrusive firewall rules that block exploit attempts.  
+You also gain access to advanced hardening options, 2FA, CAPTCHA, security reports, and various alert types.
 
-= Included features are: =
+= Included features: =
 * Plugin vulnerability detection (also included in free)
 * Theme vulnerability detection (also included in free)
 * WordPress core vulnerability detection (also included in free)
+* Logs and analytics (also included in free)
+* Snapshot PDF security reports (also included in free)
+* Email alerts (also included in free)
 * vPatches for WordPress plugins
 * vPatches for WordPress themes
-* 0-day protection (OWASP top 10)
 * Unlimited custom firewall rules
-* Logs and analytics
 * Unlimited custom alert triggers
-* Weekly / monthly PDF reports
-* Alerts to Slack
-* Alerts to email (also included in free)
+* Weekly/monthly PDF reports
+* Slack alerts
+* Unlimited [Patchstack App API usage](https://docs.patchstack.com/api-solutions/app-api/patchstack-app-api/)
 
-= What checks does Patchstack Community (free) version perform on your website? =
-We do not perform any external checks on your website. We do however match the plugins, themes, and WordPress core you have installed on your website with our vulnerability database to determine if there is a known vulnerability.
+= What checks does the Patchstack Personal (Free) plan perform? =
+No external checks are performed. The plugin matches the installed plugins, themes, and WordPress core on your site with our [vulnerability database](https://patchstack.com/database/) to identify vulnerable versions.
 
-= How will I be alerted if I have a vulnerability on my site? =
-With the Patchstack Community (free) version, you can set up alerts using email (Slack notifications are available in the Developer plan). 
+= How will I be alerted about a new vulnerability? =
+With the Personal (Free) plan, you’ll receive alerts via email. Slack alerts are available in the paid Developer plan.
 
-= Does Patchstack conflict with any other security plugins? =
-We have not had issues with Patchstack conflicting with other security services, but we do recommend using as few different tools on your WordPress site as possible. Avoid enabling similar features if using another security plugin to prevent potential site-breaking issues. If you have any issues with other security tools, please contact our support so we could investigate the issue.
+= Does Patchstack conflict with other security plugins? =
+We have not encountered any conflicts. However, we recommend using as few security plugins as possible and avoiding overlapping features to prevent potential issues.  
+If you encounter problems, contact our support team for assistance.
 
-= Are any logs stored in my database? =
-We do not store any logs in your database or your filesystem on the Community (free) version of Patchstack.
-
-= Does the Community (free) version plugin include a firewall? =
-Patchstack free version does not include a firewall, the free version is there to let you know if you have any vulnerabilities present on your website.
+= Does the Personal (Free) plan include a firewall? =
+No, the free version does not include a firewall. It focuses on vulnerability detection and notifications.
 
 = Will Patchstack slow down my website? =
-The free version of Patchstack does not run anything aside from scheduled tasks on your website, so there will be no noticeable difference. The paid version does run several tasks on each page load but based on tests from us and from our customers we have seen that Patchstack does not affect your website's performance in any significant or noticeable way.
+The free version only runs scheduled tasks, with no noticeable impact on your site speed or server load.
+The paid version runs tasks on each page load to filter traffic, but our tests and customer feedback confirm minimal performance impact.
 
-= Does Patchstack work on a multisite environment? =
-Once you install the plugin on a multisite installation, you will see a page where you can activate Patchstack on the sites that are available on the multisite installation.
-Each site will be added to the Patchstack app individually and will take up a slot on your account.
+= Does Patchstack work on multisite? =
+Yes. After installation, you can activate Patchstack per site within the network. Each subsite must be added individually to your Patchstack account and will take one site slot.
 
 = Where can I learn more about Patchstack? =
-You can learn more about Patchstack at the Patchstack website and blog. 
-See more here: [https://patchstack.com/](https://patchstack.com/)
+Visit our [website](https://patchstack.com) and [blog](https://patchstack.com/blog/) for more information.
 
-= What support options are available with Patchstack? =
-Patchstack offers chat support at [patchstack.com](https://patchstack.com) in addition to support articles available on the support page. To contact chat support, open [patchstack.com](https://patchstack.com) and find the green chat bubble at the bottom right corner of your screen (note that some adblockers and privacy extensions can block this, so you might have to whitelist the Patchstack site). 
+= What support options are available? =
+Patchstack provides chat support via [patchstack.com](https://patchstack.com) and documentation through our [Help Center](https://docs.patchstack.com).  
+To access chat support, click the green chat bubble in the bottom right corner (note: some ad blockers may hide this).
 
-= How long does the Patchstack setup take? =
-Setting up Patchstack takes no more than a few minutes. 
+= How long does it take to set up Patchstack? =
+Setup takes just a few minutes. Install the plugin, register at [Patchstack App](https://app.patchstack.com/register), add your site, and paste the API key into the plugin.  
+See our [Getting Started guide](https://docs.patchstack.com/getting-started/start-using-patchstack/) for help.
 
-= How do I upgrade from a Community (free) version to the Developer version? =
-You can upgrade from free to a paid version on your dashboard at the Patchstack App. Just log in at [app.patchstack.com/login](http://app.patchstack.com/login) or directly go to [app.patchstack.com/setup](http://app.patchstack.com/setup) to set up a plan.
+= How do I upgrade from the Personal (Free) plan to the Developer plan? =
+Upgrade through your dashboard at the [Patchstack App](https://app.patchstack.com/login) or directly at [app.patchstack.com/setup](https://app.patchstack.com/setup).
 
 = Do I need to pay for support? =
-No, support from the Patchstack team is free. However, for free version users, replies may take up to 1-2 business days. Patchstack paid version users will receive an answer from the support within 24 hours.
+No, support is free. However, free plan users may receive replies within 1 business day, while paid users typically get responses in under 30 minutes.
 
 = What information does Patchstack collect? =
-We take your privacy very seriously. After activating Patchstack, it will store some information such as the software installed on your site. Please see our Terms & Conditions, Privacy Policy, and DPA for more information.
+We take privacy seriously. We sync and store data such as your domains, installed software, and activity logs.  
+For details, see our [Terms & Conditions](https://patchstack.com/terms-and-conditions/), [Privacy Policy](https://patchstack.com/privacy-policy/), and [DPA](https://patchstack.com/data-processing-agreement-dpa/).
 
-= Where can I find Patchstack Terms & Conditions, Privacy Policy, and DPA? =
-Terms & Conditions: [https://patchstack.com/terms-and-conditions/](https://patchstack.com/terms-and-conditions/)
-Privacy Policy: [https://patchstack.com/privacy-policy/](https://patchstack.com/privacy-policy/)
-Data Processing Agreement (DPA): [https://patchstack.com/data-processing-agreement-dpa/](https://patchstack.com/data-processing-agreement-dpa/)
+= Where can I find the Terms & Conditions, Privacy Policy, and DPA? =
+* Terms & Conditions: [patchstack.com/terms-and-conditions](https://patchstack.com/terms-and-conditions/)  
+* Privacy Policy: [patchstack.com/privacy-policy](https://patchstack.com/privacy-policy/)  
+* DPA: [patchstack.com/data-processing-agreement-dpa](https://patchstack.com/data-processing-agreement-dpa/)
 
-= How can I join the Patchstack Facebook community? =
-You can join the Patchstack Facebook community here: [https://www.facebook.com/groups/patchstackcommunity](https://www.facebook.com/groups/patchstackcommunity)
-
-= What steps should I take to have my WordPress plugin undergo a security audit with Patchstack? =
-See more about Patchstack security audits here: [https://patchstack.com/auditing/](https://patchstack.com/auditing/). You can also submit your plugin or theme to the [Patchstack mVDP (Managed Vulnerability Disclosure Program)](https://patchstack.com/for-plugins/).
+= How can I get a WordPress plugin security audit from Patchstack? =
+We offer an AI-powered code review tool for plugin audits. Start by joining our [mVDP program](https://patchstack.com/for-plugins).  
+You can also request a manual audit here: [patchstack.com/auditing](https://patchstack.com/auditing/).
 
 = Where do I report security bugs? =
-You can report any security bugs found in the source code of this plugin through the [Patchstack Vulnerability Disclosure Program](https://patchstack.com/database/vdp/patchstack). The Patchstack team will assist you with verification and CVE assignment.
+Report security bugs through the [Patchstack Vulnerability Disclosure Program](https://patchstack.com/database/vdp/patchstack). Our team will assist with verification and CVE assignment.
 
 == Screenshots ==
 
-1. Patchstack App Dashboard
-2. Patchstack App Alerts Overview
-3. Patchstack App Site Hardening
-4. Patchstack App Firewall Overview
-5. Patchstack App Components Overview
+1. Patchstack security - be the first to receive notifications of new plugin vulnerabilities
+2. Patchstack security - automatic protection against ongoing attacks 
+3. Patchstack security - level up your WordPress hardening and tweak the security rules
+4. Patchstack security - security analytics, detailed periodic reports and activity monitoring
 
 == Changelog ==
 
-To view the changelog of the Patchstack plugin, please go to [here](https://docs.patchstack.com/changelog/plugin-changelog/).
+To view the plugin changelog, go [here](https://docs.patchstack.com/patchstack-plugin/changelog/).