Arbitrary file upload vulnerability in WordPress Ultimate Member plugin.
A critical vulnerability in the popular WordPress Ultimate Member plugin allows allows attackers to upload any files, including PHP backdoors.
Securing WordPress with a Web Application Firewall: NinjaFirewall (WP Edition).
In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.
NinjaScanner: A powerful antivirus scanner for WordPress.
NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog for malware and virus.
An introduction to NinjaFirewall filtering engine.
Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a new powerful filtering engine.
Misuse of WordPress WP-CLI could leak user passwords.
WP-CLI is a command line interface for WordPress. It is a nice and very helpful tool if you want to manage a lot of WordPress installations from a Unix shell.
NinjaFirewall and the General Data Protection Regulation (GDPR).
The purpose of this document is to inform you about how to be compliant with the General Data Protection Regulation (GDPR).
NinjaFirewall (Pro/Pro+ Edition) v3.3 new user interface.
NinjaFirewall (Pro/Pro+ Edition) v3.3 has a brand new user interface. It is responsive, makes use of Bootstrap and jQuery, and looks pretty much like our website…
NinjaScanner v1.2 introduces the quarantine sandbox.
NinjaScanner v1.2 introduces a new and unique feature, the quarantine sandbox: When moving a file to the quarantine folder, NinjaScanner can use a testing environment (a.k.a.…
Arbitrary file upload vulnerability in WordPress LearnDash LMS plugin.
While cleaning up several hacked WordPress blogs, we identified a critical vulnerability in the LearnDash LMS plugin v2.5.3 (https://www.learndash.com/) that allows an unauthenticated user to upload…
Phishing attack targeting Magento shop owners.
A phishing attack has been targeting Magento shop owners for the past 24 hours attempting to steal their login credentials. A so-called customer sends a “Invalid…
Syslog logging with NinjaFirewall.
NinjaFirewall WP+ (3.5.4), Pro and Pro+ (3.2.12) introduce a long awaited feature, Syslog logging: Syslog is a way for network devices to send event messages to…