by Michael Hawkins. Activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.Severity/Risk:MinorVersions affected:3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versionsVersions fixed:3.7.2, 3.6.6 and 3.5.8Reported by:Andrew NicolsCVE identifier:CVE-2019-14829Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66187Tracker issue:MDL-66187 Activity
More info:
https://moodle.org/mod/forum/discuss.php?d=391035&parent=1576213
by Michael Hawkins. Activity creation capabilities were not correctly respected when selecting the activity to use for a course in single activity mode.Severity/Risk:MinorVersions affected:3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versionsVersions fixed:3.7.2, 3.6.6 and 3.5.8Reported by:Andrew NicolsCVE identifier:CVE-2019-14829Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66187Tracker issue:MDL-66187 Activity
More info:
https://moodle.org/mod/forum/discuss.php?d=391035&parent=1576213
More info:
https://wpvulndb.com/vulnerabilities/9880
https://www.wpsecurityauditlog.com/releases/update-3-5/The main role of an audit log plugin (aka activity log) is to keep a log of the changes users do on your WordPress website. However, the WP Security Audit Log can also keep a log of other website activities that you should know of. For example it can keep a log when new users […]
More info:
https://www.wpsecurityauditlog.com/releases/update-3-5/
https://www.wpwhitesecurity.com/ssl-tls-https-guide-wordpress-administrators/When you visit a website, your browser (also known as a client) sends a HTTP request to a web server. Once the web server sends an HTTP response, the browser can then render the page to your screen. However, HTTP traffic has a problem; it is a plaintext protocol. This makes it susceptible to snooping […]
More info:
https://www.wpwhitesecurity.com/ssl-tls-https-guide-wordpress-administrators/
https://ithemes.com/top-5-wordpress-security-vulnerabilities/If you own a WordPress website, you should be aware of potential WordPress security vulnerabilities. Just like locking the doors of your house, investing in an alarm system and paying for insurance, your website should have security and safety measures in place. The truth is, most WordPress security issues can be prevented if site owners simply follow […]
More info:
https://ithemes.com/top-5-wordpress-security-vulnerabilities/
https://ithemes.com/5-ithemes-security-tips/Using a WordPress security plugin like iThemes Security Pro is a great way to secure your WordPress site. In this post, we cover 5 iThemes Security tips to help secure your WordPress website. WordPress security can seem like a daunting task, but the good news is managing your security strategy can be a painless experience. […]
More info:
https://ithemes.com/5-ithemes-security-tips/
libssh2 vulnerability CVE-2019-13115 Security Advisory Security Advisory Description In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer ...
More info:
https://support.f5.com/csp/article/K13322484
https://wpvulndb.com/vulnerabilities/9878
More info:
https://wpvulndb.com/vulnerabilities/9878
https://wpengine.com/blog/wordfence-now-works-on-wp-engine/At WP Engine, we maintain a list of plugins that are disallowed on our platform for various reasons. We do this to ensure the security and performance of our WordPress Digital Experience Platform and to prevent redundancies between certain plugins and our platform. WordFence, which is a highly popular security plugin used by more than… […]
More info:
https://wpengine.com/blog/wordfence-now-works-on-wp-engine/
