When it comes to testing the protection offered by WordPress security plugins, we seem to be alone in doing that, which isn’t good. We had someone contact us not that long ago who was complaining about our the accuracy of Continue reading NinTechNet’s Website Security Scanner Isn’t a Good Option for Testing the Security Provided by WordPress Firewall Plugins
In March, the details of a vulnerability that had been fixed in a WordPress plugin that extends the functionality of the plugin WooCommerce were disclosed. The exploitabilty of it should have been limited as it required having access to a Continue reading WooCommerce Security Issue Plays Critical Role in Exploiting Serious Vulnerabilities in Other Plugins
There is often a wide gap between the claims of WordPress security providers and reality. That has often been the case with Patchstack going back to its precursors, WebARX and ThreatPress. This week Patchstack started promoting that it is providing Continue reading Patchstack’s Early Alert For WordPress Plugin Vulnerability is Actually Public Info Copied From Competitor
In August 2020, NinTechNet, the developers of the WordPress plugin NinjaFirewall, disclosed vulnerabilities that had been in the plugin CMP – Coming Soon & Maintenance Plugin. That plugin had 100,000+ installs at the time and is now up to 200,000+ Continue reading Security Issue Remains in 200,000+ Install WordPress Plugin Over Two Years After Vulnerabilities Were “Fixed”