NinTechNet changelog.
July 29, 2021 NinjaFirewall (WP+/WP) v4.4 The “Full WAF” mode can be configured to exclude some directories. That can be done from the “NinjaFirewall > Dashboard”…
Search Results for: admin_init
Unauthenticated function injection vulnerability fixed in 15 WordPress themes.
Fifteen WordPress themes were prone to critical unauthenticated function injection and privilege escalation vulnerabilities.
High severity vulnerability fixed in Product Input Fields for WooCommerce.
The Product Input Fields for WooCommerce plugin (5,000+ active installations) fixed a high severity vulnerability that could allow an unauthenticated user to download any file from the blog, including the WordPress configuration file.
Vulnerabilities fixed in WordPress WP Security Audit Log plugin.
The WordPressWP Security Audit Log plugin, (100,000+ active installations), fixed a vulnerability that could lead to privilege escalation, sensitive data exposure and insecure deserialization.
WordPress Plugins and Themes Vulnerabilities: Stats, Facts and Recommendations.
For the past six months, we have reported quite a lot of vulnerabilities we discovered in WordPress themes and plugins. Here are some interesting stats and facts about them, as well as a few recommendations for developers.