On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting(XSS) vulnerability. Wordfence Premium customers received a new firewall rule […]
More info:
https://www.wordfence.com/blog/2020/07/xss-flaw-impacting-100000-sites-patched-in-kingcomposer/
Your WordPress website is a unique combination of plugins, files, posts, pages, users and so much more. With such a complicated mix, it’s important to understand how to monitor your website for changes and make sure your site is as secure as it can be. Not only that, but monitoring your site for changes can […]
More info:
https://wpactivitylog.com/monitor-wordpress-website-changes/
February 18, 2011 An anonymous reporter has publicly announced a previously undisclosed vulnerability affecting the BROWSER protocol on Windows systems. In addition, the reporter has released proof-of-concept exploit code. Use of the code can result in a denial-of-service condition on the target host, and the reporter has speculated that remote code execution is also possible. Microsoft indicates that all versions of Windows are vulnerable. The vulnerability affects hosts that are or could
More info:
https://aws.amazon.com/security/security-bulletins/windows-cifs-browser-heap-vulnerability/
