NinjaFirewall WP/WP+ Edition version 4.0-RC1.
NinjaFirewall WP/WP+ Edition v4.0 is coming soon. In the meantime, we have a Release Candidate 4.0-RC1 available for download. What’s new? Improved NinjaFirewall overall interface and…
WordPress latest security fixes.
The latest security fixes in WordPress themes and plugins.
Stored XSS and CSV injection vulnerabilities in WordPress Shortlinks by Pretty Links plugin.
The WordPress Shortlinks by Pretty Links plugin, which has over 200,000 active installations, was prone to stored XSS and CSV injection vulnerabilities in version 2.1.9 and below.
Securing WordPress with a Web Application Firewall: NinjaFirewall (WP Edition).
In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.
NinjaScanner: A powerful antivirus scanner for WordPress.
NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog for malware and virus.
An introduction to NinjaFirewall filtering engine.
Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a new powerful filtering engine.
Arbitrary file upload vulnerability in WordPress Crelly Slider plugin.
The WordPress Crelly Slider plugin, which has 20,000+ active installations, was prone to an authenticated arbitrary file upload vulnerability in version 1.3.4 and below.
Arbitrary file upload vulnerability in WordPress User Submitted Posts plugin.
The WordPress User Submitted Posts plugin (30,000+ active installations) was prone to an arbitrary file upload vulnerability in version 20190426 and below.
Zero-day vulnerability in WordPress YellowPencil Visual CSS Style Editor plugin actively exploited.
We are seeing today a lot of hacked WordPress blogs due to a critical vulnerability in the WordPress YellowPencil Visual CSS Style Editor plugin which has 30,000+ active installations.
WordPress Yuzo Related Posts plugin vulnerability massively exploited.
Hackers are currently actively exploiting a vulnerability in the WordPress Related Posts plugin, which has 60,000+ active installations.
NinjaFirewall (WP Edition) adds PHP backtrace to email notifications.
Starting from version 3.8.3, NinjaFirewall (WP and WP+ Edition) will attach a PHP backtrace to some important email notifications sent to the administrator.
Another day, another zero-day: WordPress Social Sharing Plugin Social Warfare under attack.
A vulnerability in WordPress Social Sharing Plugin – Social Warfare is currently exploited.
Critical zero-day vulnerability fixed in WordPress Easy WP SMTP plugin.
The popular Easy WP SMTP plugin, which as 300,000+ active installations, was prone to a critical zero-day vulnerability.