WordPress FlyingPress plugin fixed broken access control vulnerability.

The WordPress FlyingPress plugin fixed an authenticated broken access control vulnerability affecting version 3.9.6 and below.

Posted on April 12, 2022 - 11:48am [+0700]
NinjaFirewall

8 WordPress plugins fixed high severity vulnerability.

8 WordPress plugins were prone to a high severity authenticated arbitrary plugin installation vulnerability, among other issues.

Posted on February 10, 2022 - 5:41pm [+0700]
NinjaFirewall

Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.

Posted on January 25, 2022 - 12:17pm [+0700]
NinjaFirewall

Critical vulnerability in WordPress AdSanity plugin.

WordPress AdSanity plugin is prone to a critical vulnerability affecting version 1.8.1 and below that could allow a low-privilege user to perform arbitrary file upload, remote code execution and stored cross-site scripting attacks.

WordPress JobSearch WP Job Board plugin fixed vulnerability.

The WordPress JobSearch WP Job Board plugin (1,600+ sales on Envato) fixed a broken access control vulnerability in version 1.8.1 and below that could allow users to take over the website and its database.