Vulnerabilities fixed in WordPress B2BKing plugin.

The WordPress B2BKing plugin fixed a broken access control vulnerability that could allow customers to change the price of all products.

High severity vulnerability fixed in WordPress Elementor Pro plugin.

Elementor Pro, a popular page builder plugin for WordPress, fixed a broken access control vulnerability affecting version 3.11.6 and below that could allow full site takeover.

WordPress FlyingPress plugin fixed broken access control vulnerability.

The WordPress FlyingPress plugin fixed an authenticated broken access control vulnerability affecting version 3.9.6 and below.

Posted on April 12, 2022 - 11:48am [+0700]
NinjaFirewall

8 WordPress plugins fixed high severity vulnerability.

8 WordPress plugins were prone to a high severity authenticated arbitrary plugin installation vulnerability, among other issues.

Posted on February 10, 2022 - 5:41pm [+0700]
NinjaFirewall

Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.