Improper input validation fixed in WordPress Popular Posts plugin.
WordPress Popular Posts plugin (300,000+ active installations) fixed improper input validation affecting version 5.3.2 and below that could lead to remote code execution.
The Ninja Technologies Network
WordPress Popular Posts plugin (300,000+ active installations) fixed improper input validation affecting version 5.3.2 and below that could lead to remote code execution.
Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.
The WordPress Kiwi Social Sharing plugin fixed a critical vulnerability affecting version 2.1.0 that could allow unauthenticated users to modify WordPress options in the database and take over the website.
Improper input validation in the WordPress Controlled Admin Access plugin (8,000+ active installations) affecting version 1.5.5 and below could lead to privilege escalation.
The WordPress Flo Forms plugin (10,000+ installations) fixed a critical zero-day vulnerability affecting version 1.0.35 and below that could allow the attacker to take over the website and its database.