27 Aug 2019

Our Security Review for WordPress Plugins Would Have Identified the Vulnerability in Bold Page Builder Before It Was Exploited

Last week we discussed how the developers of the Wordfence Security plugin are selling their Wordfence Premium service as being able to do something that it can’t and they don’t even try to accomplish. One of the claims about it is this:

Stay a Step Ahead of Attackers with Real-time Threat Intelligence [Read more]

23 Aug 2019

Vulnerability Details: Multiple in Bold Page Builder

It isn’t great idea to tell people to update software and not mention that they are updating to software that is still insecure, but that is what NinTechNet did today in a post about the plugin Bold Page Builder being exploited. Also not great is that first to changes made to the plugin related to that exploitation had a changelog entry of “Minor bug fixes and improvements.”, only the third indicated a security issue, “Improved security.”


[Read more]