Multiple WordPress plugins fixed CSRF vulnerabilities (part 3).
Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.
Category: NinjaFirewall
Broken access control vulnerability fixed in WordPress 404 to 301 plugin.
The WordPress 404 to 301 plugin (100,000+ active installations), fixed a broken access control vulnerability affecting version 3.0.7 and below.
Improper input validation fixed in WordPress Popular Posts plugin.
WordPress Popular Posts plugin (300,000+ active installations) fixed improper input validation affecting version 5.3.2 and below that could lead to remote code execution.
Multiple WordPress plugins fixed CSRF vulnerabilities (part 2).
Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.
WordPress Kiwi Social Sharing plugin fixed critical vulnerability.
The WordPress Kiwi Social Sharing plugin fixed a critical vulnerability affecting version 2.1.0 that could allow unauthenticated users to modify WordPress options in the database and take over the website.