06 Dec

Here Is Yet Another Vulnerability Spotted by Our Plugin Security Checker in the WordPress Plugin Ultimate Member

The WordPress plugin Ultimate Member was the cause of too many websites being hacked back in August, we say too many because the developer didn’t promptly fix a vulnerability that was being exploited for some inexplicable reason. It probably then isn’t surprising that as we improve our Plugin Security Checker, an automated tool that you [Read more]

30 Nov

Vulnerability Details: Authenticated Open Redirect in Ninja Forms

This Vulnerability Details post about a vulnerability in the plugin Ninja Forms provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view the [Read more]

28 Nov

Vulnerability Details: Authenticated Open Redirect in Nifty Coming Soon & Maintenance page

This Vulnerability Details post about a vulnerability in the plugin Nifty Coming Soon & Maintenance page provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your [Read more]

27 Nov

Vulnerability Details: Authenticated Open Redirect in Minimal Coming Soon & Maintenance Mode

This Vulnerability Details post about a vulnerability in the plugin Minimal Coming Soon & Maintenance Mode provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your [Read more]

27 Nov

Vulnerability Details: Authenticated Open Redirect in Under Construction

This Vulnerability Details post about a vulnerability in the plugin Under Construction provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view the [Read more]

26 Nov

Our Plugin Security Checker Now Identifies the Possibility of Vulnerabilities Like This One in a WordPress Plugin with 100,000+ Installs

We often find that the various things that we do lead to improvements in other things we do. That just came up in something that we started looking into while working on a security review of a WordPress plugin chosen by our customers that has led to an improvement in our automated tool for detecting possible [Read more]

16 Jun

Vulnerability Details: Authenticated Open Redirect in WordPress Download Manager

This Vulnerability Details post about a vulnerability in the plugin WordPress Download Manager provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view [Read more]