Avada WordPress Theme fixed multiple vulnerabilities.
Avada WordPress Theme (600,000 installations) fixed multiple critical vulnerabilities affecting version 6.2.2 and below.
Tag: NinjaFirewall
Authenticated settings change vulnerability in WordPress Quick Page/Post Redirect plugin (unpatched).
The WordPress Quick Page/Post Redirect plugin, which has 200,000+ active installations, is prone to multiple unpatched vulnerabilities.
Unauthenticated stored XSS and content spoofing vulnerabilities in WordPress WP GDPR plugin (unpatched).
The WordPress WP GDPR plugin, which has 6,000+ active installations, is prone to multiple unpatched critical vulnerabilities.
WordPress Ultimate Addons for Gutenberg plugin fixed vulnerability.
The WordPress Ultimate Addons for Gutenberg plugin (200,000+ active installations) fixed an authenticated settings change vulnerability affecting version 1.14.7 and below.
Unauthenticated stored XSS vulnerability in WordPress OneTone theme (unpatched).
The WordPress OneTone theme, which has 20,000+ active installations, is prone to an unpatched and unauthenticated settings import vulnerability that could lead to multiple stored XSS.