Overview The Domain Name System (DNS) is often referred to as the “phonebook of the Internet.” It is responsible for translating human readable domain names–such as mozilla.org–into IP addresses, which … Read moreThe post Measuring Middlebox Interference with DNS Records appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/11/17/measuring-middlebox-interference-with-dns-records/
For the third year in a row, WP Engine is a proud co-sponsor of the WP-CLI Project, an initiative led by a small team of developers who dutifully maintain the command-line interface that’s beloved by so many WordPress users around the globe. Since its launch more than a decade ago, WP-CLI has become the go-to… […]
More info:
https://wpengine.com/blog/supporting-wp-cli-an-essential-developer-tool-for-wordpress/
WordPress 5.6 Beta 4 is now available for testing! This software is still in development, so we recommend that you run this version on a test site. You can test the WordPress 5.6 beta in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option). Or download the beta here (zip). The current target for the […]
More info:
https://wordpress.org/news/2020/11/wordpress-5-6-beta-4/
The post How To Create a Staging Site for WordPress Websites? (Step-by-Step) appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.
More info:
https://blogvault.net/wordpress-staging-site/
Three critical privilege escalation vulnerabilities in the Ultimate Member plugin put over 100,000 sites at risk. We also talk about the Page Experience metric to be added as a ranking signal for Google search in May 2021 and what this means for WordPress sites using page builders or Gutenberg. Microsoft warns against using telephone/SMS-based multi-factor […]
More info:
https://www.wordfence.com/blog/2020/11/episode-95-critical-privilege-escalation-vulnerabilities-affect-over-100k-wordpress-sites/
Your WordPress site’s security should be one of your top concerns as a webmaster. However, there’s no such thing as a ‘set and forget’ approach with security. In actual fact, your security arrangements should form part of a never-ending process. You need to continually harden, monitor, improve, and test your WordPress security arrangements. When it […]
More info:
https://www.wpwhitesecurity.com/best-wordpress-security-plugins/
Security on the web matters. Whenever you connect to a web page and enter a password, a credit card number, or other sensitive information, you want to be sure … Read moreThe post Firefox 83 introduces HTTPS-Only Mode appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/
by Michael Hawkins. Users enrolment capabilities were not being sufficiently checked when they restored into an existing course, which could lead to them unenrolling users without having permission to do so.Severity/Risk:MinorVersions affected:3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versionsVersions fixed:3.10, 3.9.3, 3.8.6, 3.7.9 and 3.5.15Reported by:Roman SevostyanovCVE identifier:CVE-2020-25698Changes
More info:
https://moodle.org/mod/forum/discuss.php?d=413935&parent=1668770
by Michael Hawkins. Insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course.Severity/Risk:MinorVersions affected:3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versionsVersions fixed:3.10, 3.9.3, 3.8.6, 3.7.9 and 3.5.15Reported by:Matt PetroCVE identifier:CVE-2020-25699Changes
More info:
https://moodle.org/mod/forum/discuss.php?d=413936&parent=1668771
by Michael Hawkins. Some database module web services allowed students to add entries within groups they did not belong to.Severity/Risk:MinorVersions affected:3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versionsVersions fixed:3.10, 3.9.3, 3.8.6, 3.7.9 and 3.5.15Reported by:Dani PalouCVE identifier:CVE-2020-25700Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-67015Tracker issue:MDL-67015 Some database
More info:
https://moodle.org/mod/forum/discuss.php?d=413938&parent=1668773
