Understanding CVE-2026-9629 and Its Implications A recent vulnerability identified as CVE-2026-9629 has been discovered in the Canvas plugin for WordPress. This flaw affects versions up to and including 2.5.2. Specifically, it allows authenticated attackers with contributor-level access or higher to exploit vulnerabilities via the 'tag' parameter. This vulnerability enables attackers to inject arbitrary web scripts […]

Critical Vulnerability Detected in FooGallery Plugin The FooGallery plugin for WordPress has been identified with a medium-severity vulnerability that poses a significant threat to server security. This flaw allows authenticated users with minimal access to execute stored cross-site scripting (XSS) attacks using the `custom_attribute_key` shortcode parameter. Overview of the Vulnerability Versions of FooGallery up to […]

Understanding CVE-2026-9629 and Its Implications A recent vulnerability identified as CVE-2026-9629 has been discovered in the Canvas plugin for WordPress. This flaw affects versions up to and including 2.5.2. Specifically, it allows authenticated attackers with contributor-level access or higher to exploit vulnerabilities via the 'tag' parameter. This vulnerability enables attackers to inject arbitrary web scripts […]

Critical Vulnerability Detected in FooGallery Plugin The FooGallery plugin for WordPress has been identified with a medium-severity vulnerability that poses a significant threat to server security. This flaw allows authenticated users with minimal access to execute stored cross-site scripting (XSS) attacks using the `custom_attribute_key` shortcode parameter. Overview of the Vulnerability Versions of FooGallery up to […]

Our CloudFlare integration has been released not so long ago, giving new opportunities and more automated, flawless service to our customers. Our developers worked this project out, because many of our ninja clients use CloudFlare in parallel with our services. The aim of this article is to describe why we needed this development and also to give […]

The onset of the Internet has brought many rewarding benefits to human race. Thanks to it, communication that was pegged to letters, faxes and phone calls back then, have now become faster, reaching more audiences. Social media has also made it possible to connect with people from all around the globe. Although, with this new […]

Have you ever thought about ad-blockers a potential security risk in your everydays? You’d better be banner blind with ad-blockers on or watch out where you click. Ad-blocker pros Ad-blocker is an application that is used worldwide to protect your computers from the annoying, flashy and memory-devouring online advertisements. It is an easy-to-use and easy-to-install […]

There’s one thing in IT security that cannot be patched as many other vulnerabilities: human beings. And as far as the ‘human factor’ is much of a concern, it is our responsibility to educate and protect our employees, customers and businesses from hacks. Data Breach and Social Engineering Data breach stands for the unsolicited phishing […]

If you have a server connected to the Internet, you can bet that it is constantly under scanning. Web-crawlers are gathering information from websites day-by-day. No matter if you have real websites or just an admin panel deployed on the web, sooner or later, they will find the public content. You may would not even […]

This year BitNinja Server Security became Golden Partner of WHD.global in Rust. So why not to share our experiences with you, as we attended at a WHD event for the first time? Ninja dojo and a hint of server security in the air We build up our booth before the very first day of the conference so […]

In today’s world more and more features are available online. New solutions become available day by day for making our life easier, simpler, faster. Regarding the last decade we have been able to say goodbye to long hours of administration. The notion of physical distance has changed too as we can speak now with anyone […]

Since the first emergence of computer viruses and botnets, the number of infected machines is growing day by day. The rapid development of IT not only brought increased comfort to our life, but the vulnerability of our personal data as well.  In parallel with the evolution of technical devices, hackers became more sensible, aggressive and […]

There are many ways your server can be compromised. In this article, I try to sum up the top 5 signs, which show your server has been compromised through your website. Your website is a very vulnerable part of your server, so many attacks targeting this interface. Not only big enterprises, like Sony or Apple, […]

Understanding CVE-2026-9061 and Its Implications for Server Security The recent discovery of CVE-2026-9061 presents serious risks for website operators using the Store Locator WordPress plugin. Versions prior to 1.6.9 contain a vulnerability that allows high-privileged users, such as administrators, to execute Stored Cross-Site Scripting (XSS) attacks. This situation underscores the critical importance of robust server […]

Introduction The cybersecurity landscape is constantly evolving. One of the latest threats comes from a critical vulnerability in the Agile Store Locator plugin for WordPress. Known as CVE-2026-9062, this security flaw can allow attackers to exploit your server if not addressed. Understanding this vulnerability can help system administrators and hosting providers strengthen their server security. […]

Understanding CVE-2026-9109: A Threat to Server Security Recently, a vulnerability named CVE-2026-9109 has come to light, significantly impacting the GPTranslate plugin for WordPress. This vulnerability allows unauthenticated attackers to execute stored cross-site scripting (XSS) attacks through REST API endpoints. Given the increasing sophistication of cyber threats, understanding and mitigating such vulnerabilities has never been more […]