Critical vulnerability fixed in WordPress Pinterest Automatic plugin.

Wordpress Pinterest Automatic plugin (7,000+ installations) fixed a critical vulnerability affecting version 4.14.3 and below that could allow unauthenticated users to take over the website and its database.

How hackers install and hide rogue plugins on your WordPress blog.

A while back, I explained how hackers created hidden admin users after hacking a WordPress blog. In this post, we will see how they upload and hide rogue plugins.

Posted on August 31, 2021 - 11:47am [+0700]
NinjaFirewall

WooCommerce Dynamic Pricing and Discounts plugin fixed multiple vulnerabilities.

The WooCommerce Dynamic Pricing and Discounts plugin (19,000+ installations), fixed multiple unauthenticated vulnerabilities affecting version 2.4.1 and below.

Anatomy of the EICAR Antivirus Test File.

Did you know the EICAR AV Test file was a program? In this post, we disassemble that 68-byte COM program and analyze its code.

Posted on August 16, 2021 - 12:20pm [+0700]
NinjaFirewall

Multiple WordPress plugins fixed CSRF vulnerabilities (part 5).

Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.