Multiple WordPress plugins fixed CSRF vulnerabilities (part 4).

Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.

Posted on July 1, 2021 - 1:17pm [+0700]
NinjaFirewall

WordPress PWA for WP and AMP plugin fixed vulnerabilities.

The WordPress PWA for WP and AMP plugin (20,000+ active installations) fixed a critical broken access control vulnerability affecting version 1.7.32 and below that could lead to arbitrary file upload and remote code execution.

Posted on June 21, 2021 - 11:11am [+0700]
NinjaFirewall

Multiple WordPress plugins fixed CSRF vulnerabilities (part 3).

Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.

Posted on June 18, 2021 - 12:46pm [+0700]
NinjaFirewall

Broken access control vulnerability fixed in WordPress 404 to 301 plugin.

The WordPress 404 to 301 plugin (100,000+ active installations), fixed a broken access control vulnerability affecting version 3.0.7 and below.

Posted on June 11, 2021 - 12:25pm [+0700]
NinjaFirewall

Improper input validation fixed in WordPress Popular Posts plugin.

WordPress Popular Posts plugin (300,000+ active installations) fixed improper input validation affecting version 5.3.2 and below that could lead to remote code execution.