Day: 28 septiembre, 2019

More info: https://wpvulndb.com/vulnerabilities/9891

More info: https://wpvulndb.com/vulnerabilities/9889

https://www.wordfence.com/blog/2019/09/podcast-episode-47-staying-secure-through-community-cooperation-with-givewps-matt-cromwell/ At WordCamp Sacramento, Matt Cromwell from GiveWP talked with us about how Give began, their mission of democratizing generosity, and how they handled the vulnerability disclosure from the Wordfence team. When our security researchers reached out to provide a proof of concept, the Give and Wordfence teams worked together to ensure that the vulnerability […] More info: https://www.wordfence.com/blog/2019/09/podcast-episode-47-staying-secure-through-community-cooperation-with-givewps-matt-cromwell/

https://www.wpwhitesecurity.com/choosing-https-certificate-wordpress-website/In our previous post WordPress HTTPS, SSL and TLS – a guide for website administrators, we explained what HTTPS and all the other technical terms are, and how it works. In this article, we discuss HTTPS certificates, the different ways you may acquire one for your WordPress website, and why you should or shouldn’t pay […] More info: https://www.wpwhitesecurity.com/choosing-https-certificate-wordpress-website/

https://www.wordfence.com/blog/2019/09/authentication-bypass-vulnerability-in-givewp-plugin/ Description: Authentication Bypass with Information DisclosureCVSS v3.0 Score: 7.5 (High)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAffected Plugin: GiveWPPlugin Slug: giveAffected Versions: <= 2.5.4Patched Version: 2.5.5 A few weeks ago, our Threat Intelligence team discovered a vulnerability present in GiveWP, a WordPress plugin installed on over 70,000 websites. The weakness More info: https://www.wordfence.com/blog/2019/09/authentication-bypass-vulnerability-in-givewp-plugin/

Linux kernel vulnerability CVE-2007-6762 Security Advisory Security Advisory Description In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it ... More info: https://support.f5.com/csp/article/K05342145

Linux kernel vulnerability CVE-2007-6762 Security Advisory Security Advisory Description In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it ... More info: https://support.f5.com/csp/article/K05342145

It was discovered that the Lemonldap::NG web SSO system did not restrictOIDC authorization codes to the relying party. More info: https://www.debian.org/security/2019/dsa-4533

It was discovered that the Lemonldap::NG web SSO system did not restrictOIDC authorization codes to the relying party. More info: https://www.debian.org/security/2019/dsa-4533