21 noviembre, 2018

MSA-18-0020: Login CSRF vulnerability in login form

by Michael Hawkins. The login form is not protected by a token to prevent login cross-site request forgery.Severity/Risk:SeriousVersions affected:3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier unsupported versionsVersions fixed:3.6, 3.5.3, 3.4.6, 3.3.9 and 3.1.15Reported by:Daniel ThatcherCVE identifier:CVE-2018-16854Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-63183Tracker issue:MDL-63183 Login CSRF vulnerability in More info: https://moodle.org/mod/forum/discuss.php?d=378731&parent=1527068

21 noviembre, 2018

Announcing The New Activity Log for MainWP Extension

http://feedproxy.google.com/~r/wpsecurityauditlog/~3/VQMVW3PQxv8/Today we are happy to announce the release of a new free extension – Activity Logs for MainWP. With this extension, MainWP users can keep an activity log of changes that happen on their MainWP dashboard, and also see the activity logs of all child sites from one central location – the MainWP dashboard. Before […] More info: http://feedproxy.google.com/~r/wpsecurityauditlog/~3/VQMVW3PQxv8/

21 noviembre, 2018

PCI for SMB: Requirement 9 – Implement Strong Access Control Measures

http://feedproxy.google.com/~r/sucuri/blog/~3/1PZfyA_8pnQ/pci-for-smb-requirement-9-implement-strong-access-control-measures.html Welcome to the sixth post of a series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process using the PCI SAQ’s (Self Assessment Questionnaires). In the previous articles written about PCI, we covered the following: Requirement 1: Build and […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/1PZfyA_8pnQ/pci-for-smb-requirement-9-implement-strong-access-control-measures.html

21 noviembre, 2018

Accelerated Mobile Pages <= 0.9.97.19 – Multiple Unauthenticated Vulnerabilities

More info: https://wpvulndb.com/vulnerabilities/9147

21 noviembre, 2018

WordPress 5.0 Beta 5

https://wordpress.org/news/2018/11/wordpress-5-0-beta-5/WordPress 5.0 Beta 5 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test this WordPress 5.0 Beta: try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”), or […] More info: https://wordpress.org/news/2018/11/wordpress-5-0-beta-5/

L	M	X	J	V	S	D
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30