8 WordPress plugins fixed high severity vulnerability.

8 WordPress plugins were prone to a high severity authenticated arbitrary plugin installation vulnerability, among other issues.

Posted on February 10, 2022 - 5:41pm [+0700]
NinjaFirewall

Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.

Posted on January 25, 2022 - 12:17pm [+0700]
NinjaFirewall

Critical vulnerability in WordPress AdSanity plugin.

WordPress AdSanity plugin is prone to a critical vulnerability affecting version 1.8.1 and below that could allow a low-privilege user to perform arbitrary file upload, remote code execution and stored cross-site scripting attacks.

WordPress JobSearch WP Job Board plugin fixed vulnerability.

The WordPress JobSearch WP Job Board plugin (1,600+ sales on Envato) fixed a broken access control vulnerability in version 1.8.1 and below that could allow users to take over the website and its database.

Posted on October 1, 2021 - 12:50am [+0700]
NinjaFirewall

WordPress WP DSGVO Tools (GDPR) plugin patched severe vulnerability actively exploited in the wild.

The WordPress WP DSGVO Tools (GDPR), which as 30,000+ active installations, fixed a severe vulnerability that is actively exploited in the wild.