WordPress 2J SlideShow plugin fixed authenticated arbitrary plugin deactivation vulnerability.

The WordPress 2J SlideShow plugin, which has 3,000+ active installations, fixed an authenticated arbitrary plugin deactivation vulnerability affecting version 1.3.31 and below.

Posted on December 30, 2019January 7, 2020
NinjaFirewall

WordPress Ape Gallery plugin fixed authenticated arbitrary plugin deactivation vulnerability.

The WordPress Ape Gallery plugin, which has 6,000+ active installations, fixed an authenticated arbitrary plugin deactivation vulnerability affecting version 2.0.6 and below.

Posted on December 27, 2019January 7, 2020
NinjaFirewall

WordPress GDPR Cookie Compliance plugin fixed authenticated settings deletion vulnerability.

The WordPress GDPR Cookie Compliance plugin, which has 90,000+ active installations, fixed an authenticated settings deletion vulnerability affecting version 4.0.2 and below.

Posted on December 20, 2019January 7, 2020
NinjaFirewall

WordPress Plugins and Themes Vulnerabilities: Stats, Facts and Recommendations.

For the past six months, we have reported quite a lot of vulnerabilities we discovered in WordPress themes and plugins. Here are some interesting stats and facts about them, as well as a few recommendations for developers.

Posted on December 2, 2019January 7, 2020
NinjaFirewall

WordPress Mesmerize and Materialis themes fixed an authenticated options change vulnerability.

The WordPress Mesmerize (60,000+ active installations) and Materialis (10,000+ active installations) themes fixed a vulnerability that could allow authenticated users to modify WordPress core options in the database.