Unauthenticated function injection vulnerability in WordPress Sparkling theme.

The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.

Posted on January 25, 2022 - 12:17pm [+0700]
NinjaFirewall

Critical vulnerability in WordPress AdSanity plugin.

WordPress AdSanity plugin is prone to a critical vulnerability affecting version 1.8.1 and below that could allow a low-privilege user to perform arbitrary file upload, remote code execution and stored cross-site scripting attacks.

Code Profiler: WordPress Website Performance Profiling Made Easy.

Code Profiler is a plugin to measure the performance of your WordPress plugins and themes. It makes it super easy to locate any bottleneck in order to speed up your website.

WordPress JobSearch WP Job Board plugin fixed vulnerability.

The WordPress JobSearch WP Job Board plugin (1,600+ sales on Envato) fixed a broken access control vulnerability in version 1.8.1 and below that could allow users to take over the website and its database.

Posted on October 1, 2021 - 12:50am [+0700]
NinjaFirewall

WordPress WP DSGVO Tools (GDPR) plugin patched severe vulnerability actively exploited in the wild.

The WordPress WP DSGVO Tools (GDPR), which as 30,000+ active installations, fixed a severe vulnerability that is actively exploited in the wild.