Login

Tag Archives: Finale Lite

1 Mar 2024

How Our Customers Helped Make WordPress Plugins More Secure, Week of March 1

Our customers provide us with the ability to help make WordPress plugins more secure. Mostly, with plugins they use, but to a lesser extent other plugins. That work often goes unmentioned. So we are highlighting that to help to better understand what is going on and how signing up for our service can help to expand that work.

Vulnerability Fixed in Finale Lite

A couple of weeks ago we noted that a vulnerability in a plugin being targeted by a hacker hadn’t been fully fixed. We also found that another plugin from the same developer was not fixed at all. This week that second plugin, Finale Lite, was fixed enough to stop exploitation. It still isn’t fully secured, though. [Read more]

16 Feb 2024

How Our Customers Helped Make WordPress Plugins More Secure, Week of February 16

Our customers provide us with the ability to help make WordPress plugins more secure. Mostly, with plugins they use, but to a lesser extent other plugins. That work often goes unmentioned. So we are highlighting that to help to better understand what is going on and how signing up for our service can help to expand that work.

Cross-Site Request Forgery (CSRF) Vulnerability Fixed in Formidable Forms

In January, we found that the developers of the 300,000+ install Formidable Forms had incompletely addressed an issue with cross-site request forgery (CSRF) in the plugin. We found that because at least one of our customers was using the plugin and there was a new version released that suggested there might be a fix for that type of issue. Earlier this week, the developer release an update that fixed the remaining issue. [Read more]