An analysis of WordPress-related search trends found that interest in WooCommerce related results dominated during 2020. We discuss recent vulnerabilities discovered by our threat intelligence team in Ninja Forms, affecting over 1 million sites. WordPress issues a statement that pirated themes and plugins are prohibited on the repository. And a supply chain attack affects users […]
More info:
https://www.wordfence.com/blog/2021/02/episode-105-the-hottest-trend-in-wordpress/
An analysis of WordPress-related search trends found that interest in WooCommerce related results dominated during 2020. We discuss recent vulnerabilities discovered by our threat intelligence team in Ninja Forms, affecting over 1 million sites. WordPress issues a statement that pirated themes and plugins are prohibited on the repository. And a supply chain attack affects users […]
More info:
https://www.wordfence.com/blog/2021/02/episode-105-the-hottest-trend-in-wordpress/
cURL and libcurl vulnerability CVE-2017-2628 Security Advisory Security Advisory Description cURL, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the ...
More info:
https://support.f5.com/csp/article/K35453761?utm_source=f5support&utm_medium=RSS
cURL vulnerability CVE-2020-8286 Security Advisory Security Advisory Description curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient ...
More info:
https://support.f5.com/csp/article/K15402727?utm_source=f5support&utm_medium=RSS
PHP vulnerability CVE-2021-21702 Security Advisory Security Advisory Description In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect ...
More info:
https://support.f5.com/csp/article/K12183968?utm_source=f5support&utm_medium=RSS
Project: Drupal coreDate: 2020-September-16Security risk: Moderately critical 12∕25 AC:None/A:User/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Information disclosureCVE IDs: CVE-2020-13670Description: A vulnerability exists in the File module which allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file.Solution: Install the latest version:If you are using Drupal 8.8.x, upgrade to Drupal
More info:
https://www.drupal.org/sa-core-2020-011
cURL vulnerability CVE-2020-8284 Security Advisory Security Advisory Description A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given ...
More info:
https://support.f5.com/csp/article/K63525058?utm_source=f5support&utm_medium=RSS
cURL vulnerability CVE-2020-8285 Security Advisory Security Advisory Description curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP ...
More info:
https://support.f5.com/csp/article/K61186963?utm_source=f5support&utm_medium=RSS
cURL vulnerability CVE-2020-8285 Security Advisory Security Advisory Description curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP ...
More info:
https://support.f5.com/csp/article/K61186963?utm_source=f5support&utm_medium=RSS
OpenSSL vulnerability CVE-2021-23841 Security Advisory Security Advisory Description The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on ...
More info:
https://support.f5.com/csp/article/K52833764?utm_source=f5support&utm_medium=RSS
