Quite a few new WordPress plugin vulnerabilities were disclosed during the second half of October. In this post, we cover recent WordPress plugin, theme, and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: […]
More info:
https://ithemes.com/wordpress-vulnerability-roundup-october-2020-part-2/
New WordPress plugin and theme vulnerabilities were disclosed during the first half of October. In this post, we cover recent WordPress plugin, theme, and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress […]
More info:
https://ithemes.com/wordpress-vulnerability-roundup-october-2020-part-1/
Today we are excited to announce update 1.5 of the WP 2FA plugin. The highlight of this update is the new fully responsive 2FA wizard and a much improved and efficient code. In this update we have also improved a lot of under the hood things. Let’s dive right in for a highlight of what’s […]
More info:
https://www.wpwhitesecurity.com/wp-2fa-1-5-0/
Linux kernel vulnerability CVE-2017-18344 Security Advisory Security Advisory Description The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 ...
More info:
https://support.f5.com/csp/article/K07020416?utm_source=f5support&utm_medium=RSS
LibTIFF vulnerability CVE-2018-18557 Security Advisory Security Advisory Description LibTIFF 3.9.3, 3.9.4, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0 ...
More info:
https://support.f5.com/csp/article/K70117303?utm_source=f5support&utm_medium=RSS
LibTIFF vulnerability CVE-2018-18557 Security Advisory Security Advisory Description LibTIFF 3.9.3, 3.9.4, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0 ...
More info:
https://support.f5.com/csp/article/K70117303?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2017-10661 Security Advisory Security Advisory Description Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or ...
More info:
https://support.f5.com/csp/article/K04337834?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2017-10661 Security Advisory Security Advisory Description Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or ...
More info:
https://support.f5.com/csp/article/K04337834?utm_source=f5support&utm_medium=RSS
Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This also extends to malware like PHP shells, which are typically left on compromised websites as a backdoor to maintain unauthorized access. MARIJUANA is the name of a PHP shell that […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/SlpobZt-rxk/obfuscation-techniques-in-marijuana-shell-bypass.html
With WordPress 5.6’s imminent release and the recent release of PHP 8, we talk about the rapid changes affecting the future of WordPress with new security features and new functionality available to both WordPress users and developers. We also review a recent vulnerability found by Google Project Zero researchers in iPhones. A social engineering attack […]
More info:
https://www.wordfence.com/blog/2020/12/episode-97-the-future-of-wordpress-with-php-8-and-wordpress-5-6/
