WordPress latest security fixes.

The latest security fixes in WordPress themes and plugins.

Posted on August 12, 2019August 12, 2019
NinjaFirewall

HTML injection vulnerability in WordPress CformsII plugin.

The WordPress CformsII plugin (10,000+ active installations) was prone to an HTML injection vulnerability that could be used to target the administrator.

Posted on August 11, 2019August 11, 2019
Changelog

NinTechNet changelog.

August 11, 2019 NinjaFirewall (WP+/WP) v4.0.2 Added a new policy to enable the “SameSite” flag on cookies in order to protect against cross-site request forgery (CSRF)…

Posted on August 10, 2019August 11, 2019
NinjaFirewall

Unauthenticated option changes in WordPress Simple 301 Redirects Addon Bulk Uploader plugin.

The WordPress “Simple 301 Redirects Addon Bulk Uploader”, which has 20,000+ active installations, was prone to a unauthenticated options change vulnerability that could allow an attacker to redirect all URLs to a malicous website.

Posted on August 9, 2019August 9, 2019
NinjaFirewall

Privilege escalation vulnerability in WordPress ND Restaurant Reservations plugin.

The WordPress ND Restaurant Reservations plugin (300+ active installations) was prone to a critical vulnerability that could allow an attacker to take over the blog and its database.

Posted on August 7, 2019August 7, 2019
NinjaFirewall

Unauthenticated options change in WordPress Login or Logout Menu Item plugin.

The WordPress Login or Logout Menu Item (10,000+ active installations) was prone to an unauthenticated options change vulnerability.

Posted on August 6, 2019August 6, 2019
NinjaFirewall

Privilege escalation vulnerability in WordPress ND Learning Courses plugin.

The WordPress ND Learning Courses plugin (2,000+ active installations) was prone to a critical vulnerability that could allow an attacker to take over the blog and its database.

Posted on August 5, 2019August 5, 2019
NinjaFirewall

Privilege escalation vulnerability in WordPress ND Booking plugin.

The WordPress ND Bookings plugin (3,000+ active installations) was prone to a critical vulnerability that could allow an attacker to take over the blog and its database.

Posted on August 3, 2019August 3, 2019
NinjaFirewall

Privilege escalation vulnerability in WordPress ND Donations plugin.

The WordPress ND Donations plugin (2,000+ active installations) was prone to a critical vulnerability that could allow an attacker to take over the blog and its database.

Posted on August 3, 2019August 3, 2019
NinjaFirewall

Privilege escalation vulnerability in WordPress ND Travel Management plugin.

The WordPress ND Travel Management plugin (1,000+ active installations) was prone to a critical vulnerability that could allow an attacker to take over the blog and its database