NinjaFirewall PHP sessions debugging.

NinjaFirewall (WP and WP+ Edition) v3.4.3 introduces two new constants to help you debug potential PHP session issues such as whitelisted users being blocked by the…

NinjaFirewall Full WAF vs WordPress WAF mode.

Revision: July 29, 2021 Since version 3.4, NinjaFirewall (WP and WP+) can be installed in two different modes: Full WAF or WordPress WAF. Full WAF mode…

Hackers targeting web hosts customer accounts.

Companies such as web hosts, registrars and CDNs have become a prime target for hackers. Because they host your DNS, hackers can alter them and reroute…

Arbitrary file upload vulnerability in WordPress Delete-All-Comments plugin.

On November 20th, while auditing a hacked WordPress website, we identified a critical vulnerability in the Delete All Comments WordPress plugin v2.0, which has over 30,000…

Latest Joomla! critical vulnerability being actively exploited in the wild.

Joomla! 3.6.4 was released on October 25. It fixed three critical vulnerabilities: CVE-2016-8869, CVE-2016-8870 and CVE-2016-9081. The third one was discovered two days later. Someone published…