The WordPress Flexible Checkout Fields for WooCommerce plugin, which has 20,000+ active installations, fixed a critical zero-day vulnerability affecting version 2.3.1 and below.
The WordPress GDPR Cookie Consent plugin, which has 700,000+ active installations, fixed a vulnerability affecting version 1.8.2 and below that could lead to authenticated stored XSS and privilege escalation.
The WordPress WPS Hide Login plugin (500,000 active installations) fixed a vulnerability in version 184.108.40.206 and below that could allow an attacker to bypass its security and access the secret login page.
January 26, 2020 NinjaFirewall (WP+/WP) v4.1 Added a new feature that will alert you by email if there were an important security update available for your…
The WordPress 2J SlideShow plugin, which has 3,000+ active installations, fixed an authenticated arbitrary plugin deactivation vulnerability affecting version 1.3.31 and below.