In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.
NinjaScanner is a lightweight, fast and powerful antivirus scanner for WordPress which includes many features to help you scan your blog for malware and virus.
Starting from version 3.0, NinjaFirewall, our Web Application Firewall for PHP (Pro and Pro+ Edition) and WordPress (WP and WP+ Edition), includes a new powerful filtering engine.
The WordPress Motors Car Dealer & Classified Ads plugin, which has 10,000+ active installations, was prone to multiple vulnerabilities in version 1.4.0 and below.
The WordPress Ultimate FAQ plugin, which has 30,000+ active installations, was prone to an unauthenticated options import vulnerability in version 1.8.24 and below.
The WordPress LifterLMS plugin , which has 9,000+ active installations, fixed a critical vulnerability in version 3.34.5 and earlier.
The WordPress Search Exclude plugin, which has 30,000+ active installations, was prone to two vulnerabilities that could allow any user to change its settings.
The WordPress WP Private Content Plus (9,000+ active installations) was prone to an unauthenticated options change vulnerability.
A critical vulnerability in the WordPress Bold Page Builder plugin, which has 20,000+ active installations, has been exploited for the past 24 hours.
The WordPress CformsII plugin (10,000+ active installations) was prone to an HTML injection vulnerability that could be used to target the administrator.
The WordPress “Simple 301 Redirects Addon Bulk Uploader”, which has 20,000+ active installations, was prone to a unauthenticated options change vulnerability that could allow an attacker to redirect all URLs to a malicous website.
The WordPress ND Restaurant Reservations plugin (300+ active installations) was prone to a critical vulnerability that could allow an attacker to take over the blog and its database.
The WordPress Login or Logout Menu Item (10,000+ active installations) was prone to an unauthenticated options change vulnerability.