Advanced Custom Fields <= 5.7.0 – Unserialize of user input
https://wpvulndb.com/vulnerabilities/9347
More info:
https://wpvulndb.com/vulnerabilities/9347
DSA-4465 linux – security update
Several vulnerabilities have been discovered in the Linux kernel thatmay lead to a privilege escalation, denial of service or informationleaks.
More info:
https://www.debian.org/security/2019/dsa-4465
Max Mega Menu <= 2.3.8 – Authenticated XSS
https://wpvulndb.com/vulnerabilities/9343
More info:
https://wpvulndb.com/vulnerabilities/9343
Lightbox Adware – From Innocent Scripts to Malicious Redirects
http://feedproxy.google.com/~r/sucuri/blog/~3/m37ci-09kqQ/lightbox-adware-from-innocent-scripts-to-malicious-redirects.html It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if other scripts start behaving the same? What if they start to use your website to spread ransomware? Visitors Redirected to Random Websites on Mobile […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/m37ci-09kqQ/lightbox-adware-from-innocent-scripts-to-malicious-redirects.html
Get Ready for WP Engine’s 2019 Digital Breakthrough Summit
https://wpengine.com/blog/get-ready-for-wp-engines-2019-digital-breakthrough-summit/WP Engine’s Digital Breakthrough Summit is just a week away, and if you haven’t registered yet, there is no time like the present. The annual event brings together tech visionaries, agency trailblazers, and brand pioneers for two days of keynote speeches, panel discussions, and break-out sessions all geared towards helping you find your next digital… […]
More info:
https://wpengine.com/blog/get-ready-for-wp-engines-2019-digital-breakthrough-summit/
LoginPress <= 1.1.13 – Unauthorized Blind SQL Injection
https://wpvulndb.com/vulnerabilities/9348
More info:
https://wpvulndb.com/vulnerabilities/9348
Loco Translate <= 2.2.1 – Authenticated LFI
https://wpvulndb.com/vulnerabilities/9346
More info:
https://wpvulndb.com/vulnerabilities/9346
Share This Image <= 1.19 – Stored XSS
https://wpvulndb.com/vulnerabilities/9345
More info:
https://wpvulndb.com/vulnerabilities/9345
Linux Kernel TCP SACK Denial of Service Issues
Last Updated: June 17, 2019 17:00PM PDT CVE Identifiers: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 This is an update for this issue. AWS Elastic Beanstalk Updated AWS Elastic Beanstalk Linux-based platform versions are available. Customers using Managed Platform Updates will be automatically updated to the latest platform version in their selected maintenance window with no other action required. Alternatively, customers using Managed Platform Updates may independently apply available
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2019-005/