16 WooCommerce Product Add-Ons Plugins Fixed Vulnerabilities.

16 WooCommerce product add-ons plugins fixed a critical broken access control vulnerability that could allow customers to take over the website and its database.

NinTechNet changelog.

September 20, 2021 NinjaFirewall (WP+/WP) v4.4.2 Fixed an issue introduced in v4.4.1 where a notification email was sent each time an external application authenticated itself. https://nintechnet.com/ninjafirewall/wp-edition/…

Posted on September 13, 2021 - 12:14pm [+0700]
NinjaFirewall

Vulnerability fixed in WordPress WooCommerce Multi Currency plugin.

The WooCommerce Multi Currency plugin (7,700+ sales on Envato) fixed a broken access control vulnerability in version 2.1.17 and below that could allow customers to change the price of all products.

Critical vulnerability fixed in WordPress Automatic Plugin.

WordPress Automatic Plugin (26,000+ installations) fixed a critical vulnerability affecting version 3.53.2 and below that could allow unauthenticated users to take over the website and its database.

Posted on September 6, 2021 - 12:51pm [+0700]
NinjaFirewall

Critical vulnerability fixed in WordPress Pinterest Automatic plugin.

Wordpress Pinterest Automatic plugin (7,000+ installations) fixed a critical vulnerability affecting version 4.14.3 and below that could allow unauthenticated users to take over the website and its database.