WordPress PWA for WP and AMP plugin fixed vulnerabilities.

The WordPress PWA for WP and AMP plugin (20,000+ active installations) fixed a critical broken access control vulnerability affecting version 1.7.32 and below that could lead to arbitrary file upload and remote code execution.

Posted on June 21, 2021 - 11:11am [+0700]
NinjaFirewall

Multiple WordPress plugins fixed CSRF vulnerabilities (part 3).

Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.

Posted on June 18, 2021 - 12:46pm [+0700]
NinjaFirewall

Broken access control vulnerability fixed in WordPress 404 to 301 plugin.

The WordPress 404 to 301 plugin (100,000+ active installations), fixed a broken access control vulnerability affecting version 3.0.7 and below.

Posted on June 11, 2021 - 12:25pm [+0700]
NinjaFirewall

Improper input validation fixed in WordPress Popular Posts plugin.

WordPress Popular Posts plugin (300,000+ active installations) fixed improper input validation affecting version 5.3.2 and below that could lead to remote code execution.

Multiple WordPress plugins fixed CSRF vulnerabilities (part 2).

Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.