Multiple vulnerabilities in Sliced Invoices plugin.

The WordPress Sliced Invoices plugin, which has 6,000+ active installations, was prone to multiple vulnerabilities in version 3.8.2 and below.

Posted on October 14, 2019October 14, 2019
NinjaFirewall

Zero-day vulnerability exploited in WordPress Lara Google Analytics plugin.

The WordPress Lara Google Analytics plugin, which has 20,000+ active installations, was prone to an authenticated stored XSS vulnerability.

Posted on October 13, 2019October 13, 2019
Changelog

NinTechNet changelog.

October 13, 2019 NinjaScanner v2.0.2 Fixed a bug where NinjaScanner original menu was not removed from the dashboard left frame after integrating it with NinjaFirewall v4.0+.…

Posted on October 2, 2019October 7, 2019
NinjaFirewall

Stored XSS vulnerability in WordPress Download Plugins and Themes from Dashboard plugin.

The WordPress Download Plugins and Themes from Dashboard plugin, which has 10,000+ active installations, was prone to an unauthenticated stored XSS vulnerability in version 1.5.0 and below.

Posted on September 24, 2019September 26, 2019
NinjaFirewall

Vulnerability in the WordPress Delucks SEO plugin actively exploited.

The WordPress DELUCKS SEO plugin version 2.1.7 and below is prone to a vulnerability that is actively exploited by hackers.

Posted on September 20, 2019October 7, 2019
NinjaFirewall

Multiple vulnerabilities in WordPress Motors Car Dealer & Classified Ads plugin.

The WordPress Motors Car Dealer & Classified Ads plugin, which has 10,000+ active installations, was prone to multiple vulnerabilities in version 1.4.0 and below.

Posted on September 20, 2019October 7, 2019
NinjaFirewall

Unauthenticated options import vulnerability in WordPress Ultimate FAQ plugin.

The WordPress Ultimate FAQ plugin, which has 30,000+ active installations, was prone to an unauthenticated options import vulnerability in version 1.8.24 and below.

Posted on September 9, 2019September 9, 2019
NinjaFirewall

Critical vulnerability fixed in WordPress LifterLMS plugin.

The WordPress LifterLMS plugin , which has 9,000+ active installations, fixed a critical vulnerability in version 3.34.5 and earlier.

Posted on September 7, 2019September 7, 2019
NinjaFirewall

Settings change vulnerability in WordPress Search Exclude plugin.

The WordPress Search Exclude plugin, which has 30,000+ active installations, was prone to two vulnerabilities that could allow any user to change its settings.

Posted on August 27, 2019October 8, 2019
NinjaFirewall

Unauthenticated options change vulnerability in WordPress WP Private Content Plus plugin.

The WordPress WP Private Content Plus (9,000+ active installations) was prone to an unauthenticated options change vulnerability.