High severity vulnerability in WordPress Deeper Comments plugin (unpatched).

The WordPress Deeper Comments plugin is prone to an unpatched broken access control vulnerability that could allow full site takeover.

Vulnerabilities fixed in WordPress B2BKing plugin.

The WordPress B2BKing plugin fixed a broken access control vulnerability that could allow customers to change the price of all products.

High severity vulnerability fixed in WordPress Elementor Pro plugin.

Elementor Pro, a popular page builder plugin for WordPress, fixed a broken access control vulnerability affecting version 3.11.6 and below that could allow full site takeover.

Posted on April 12, 2022 - 11:48am [+0700]
NinjaFirewall

8 WordPress plugins fixed high severity vulnerability.

8 WordPress plugins were prone to a high severity authenticated arbitrary plugin installation vulnerability, among other issues.

Posted on February 10, 2022 - 5:41pm [+0700]
NinjaFirewall

Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.