Vulnerabilities fixed in WordPress B2BKing plugin.

The WordPress B2BKing plugin fixed a broken access control vulnerability that could allow customers to change the price of all products.

High severity vulnerability fixed in WordPress Elementor Pro plugin.

Elementor Pro, a popular page builder plugin for WordPress, fixed a broken access control vulnerability affecting version 3.11.6 and below that could allow full site takeover.

Posted on April 12, 2022 - 11:48am [+0700]
NinjaFirewall

8 WordPress plugins fixed high severity vulnerability.

8 WordPress plugins were prone to a high severity authenticated arbitrary plugin installation vulnerability, among other issues.

Posted on February 10, 2022 - 5:41pm [+0700]
NinjaFirewall

Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.

Posted on January 25, 2022 - 12:17pm [+0700]
NinjaFirewall

Critical vulnerability in WordPress AdSanity plugin.

WordPress AdSanity plugin is prone to a critical vulnerability affecting version 1.8.1 and below that could allow a low-privilege user to perform arbitrary file upload, remote code execution and stored cross-site scripting attacks.