Freemius Patches Severe Vulnerability in Library Used by Popular WordPress Plugins

Freemius, a monetization, analytics, and marketing library for WordPress plugin and theme developers, patched an authenticated option update vulnerability in its wordpress-sdk four days ago. The library is included with many popular plugins, such as NextGEN Gallery (1,000,000+ installs), 404 – 301 (100,000+ installs), WP Security Audit Log (80,000+ installs), (more…)

Continuer la lecture Freemius Patches Severe Vulnerability in Library Used by Popular WordPress Plugins

WPBrigade Patches Critical Vulnerability in Simple Social Buttons Plugin

WPBrigade, the developers behind the Simple Social Buttons plugin, have patched a critical privilege escalation vulnerability. The security issue was discovered by the team at WebARX. Developer and researcher Luka Šikić summarized the vulnerability in a post published this week: Improper application design flow, chained with lack of permission check (more…)

Continuer la lecture WPBrigade Patches Critical Vulnerability in Simple Social Buttons Plugin