8 WordPress plugins fixed high severity vulnerability.

8 WordPress plugins were prone to a high severity authenticated arbitrary plugin installation vulnerability, among other issues.

Posted on February 10, 2022 - 5:41pm [+0700]
NinjaFirewall

Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.

WordPress JobSearch WP Job Board plugin fixed vulnerability.

The WordPress JobSearch WP Job Board plugin (1,600+ sales on Envato) fixed a broken access control vulnerability in version 1.8.1 and below that could allow users to take over the website and its database.

Posted on September 20, 2021 - 11:04am [+0700]
NinjaFirewall

16 WooCommerce Product Add-Ons Plugins Fixed Vulnerabilities.

16 WooCommerce product add-ons plugins fixed a critical broken access control vulnerability that could allow customers to take over the website and its database.

Posted on September 13, 2021 - 12:14pm [+0700]
NinjaFirewall

Vulnerability fixed in WordPress WooCommerce Multi Currency plugin.

The WooCommerce Multi Currency plugin (7,700+ sales on Envato) fixed a broken access control vulnerability in version 2.1.17 and below that could allow customers to change the price of all products.