NinjaFirewall WP/WP+ Edition version 4.0-RC1.

NinjaFirewall WP/WP+ Edition v4.0 is coming soon. In the meantime, we have a Release Candidate 4.0-RC1 available for download. What’s new? Improved NinjaFirewall overall interface and…

Posted on June 19, 2019June 19, 2019
NinjaFirewall

Stored XSS and CSV injection vulnerabilities in WordPress Shortlinks by Pretty Links plugin.

The WordPress Shortlinks by Pretty Links plugin, which has over 200,000 active installations, was prone to stored XSS and CSV injection vulnerabilities in version 2.1.9 and below.

Posted on June 6, 2019June 19, 2019
NinjaFirewall

Arbitrary file upload vulnerability in WordPress Crelly Slider plugin.

The WordPress Crelly Slider plugin, which has 20,000+ active installations, was prone to an authenticated arbitrary file upload vulnerability in version 1.3.4 and below.

Posted on May 13, 2019May 13, 2019
Changelog

NinTechNet changelog.

May 13, 2019 NinjaScanner v2.0 Added a new user interface for the scanner report: nicer UI with a separate section for each items, row action links…

Posted on May 2, 2019June 19, 2019
NinjaFirewall

Arbitrary file upload vulnerability in WordPress User Submitted Posts plugin.

The WordPress User Submitted Posts plugin (30,000+ active installations) was prone to an arbitrary file upload vulnerability in version 20190426 and below.

Posted on April 11, 2019June 19, 2019
NinjaFirewall

Zero-day vulnerability in WordPress YellowPencil Visual CSS Style Editor plugin actively exploited.

We are seeing today a lot of hacked WordPress blogs due to a critical vulnerability in the WordPress YellowPencil Visual CSS Style Editor plugin which has 30,000+ active installations.

Posted on April 10, 2019June 19, 2019
Malware

WordPress Yuzo Related Posts plugin vulnerability massively exploited.

Hackers are currently actively exploiting a vulnerability in the WordPress Related Posts plugin, which has 60,000+ active installations.

Posted on March 24, 2019April 21, 2019
NinjaFirewall

NinjaFirewall (WP Edition) adds PHP backtrace to email notifications.

Starting from version 3.8.3, NinjaFirewall (WP and WP+ Edition) will attach a PHP backtrace to some important email notifications sent to the administrator.