May 13, 2019 NinjaScanner v2.0 Added a new user interface for the scanner report: nicer UI with a separate section for each items, row action links…
The WordPress User Submitted Posts plugin (30,000+ active installations) was prone to an arbitrary file upload vulnerability in version 20190426 and below.
We are seeing today a lot of hacked WordPress blogs due to a critical vulnerability in the WordPress YellowPencil Visual CSS Style Editor plugin which has 30,000+ active installations.
Hackers are currently actively exploiting a vulnerability in the WordPress Related Posts plugin, which has 60,000+ active installations.
Starting from version 3.8.3, NinjaFirewall (WP and WP+ Edition) will attach a PHP backtrace to some important email notifications sent to the administrator.
A vulnerability in WordPress Social Sharing Plugin – Social Warfare is currently exploited.
The popular Easy WP SMTP plugin, which as 300,000+ active installations, was prone to a critical zero-day vulnerability.
A critical vulnerability in the WordPress WordPress Kiwi Social Sharing plugin <2.0.11 (30,000+ active installations) is currently exploited since December 6th.
A critical vulnerability in the WordPress WP GDPR Compliance plugin (100k+ active installations) is currently massively exploited.
A critical vulnerability in the popular WordPress Ultimate Member plugin allows allows attackers to upload any files, including PHP backdoors.