When some developers of WordPress plugin and theme go rogue.

While cleaning-up a hacked WordPress site, we found that some malicious code was added to the theme by its developers.

NinTechNet changelog.

September 22, 2020 NinjaScanner v2.0.9 Fixed a bug where the JavaScript timer, used by the scanner to display its status, could be triggered even in case…

Posted on September 16, 2020 - 7:06pm [+0700]
NinjaFirewall

25 WordPress plugins vulnerable to CSRF attacks.

Twenty five plugins for WordPress were found to be vulnerable to cross-site request forgery (CSRF) attacks.

The impact of an XSS vulnerability on WordPress: How hackers exploit XSS vulnerabilities to create admin accounts on your blog.

With a proof of concept and a video, we explain in this post how hackers exploit XSS vulnerabilities in order to create administrator accounts on your blog.

Posted on September 1, 2020 - 8:50pm [+0700]
NinjaFirewall

Critical zero-day vulnerability fixed in WordPress File Manager (700,000+ installations).

Critical zero-day vulnerability fixed in WordPress File Manager (700,000+ installations). Update immediately.