The second release candidate for WordPress 5.5 is here! WordPress 5.5 is slated for release on August 11, 2020, but we need your help to get there—if you haven’t tried 5.5 yet, now is the time! You can test the WordPress 5.5 release candidate in two ways: try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option), or download the release […]
More info:
https://wordpress.org/news/2020/08/wordpress-5-5-release-candidate-2/
PCRE vulnerability CVE-2020-14155. Security Advisory Description: libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. (CVE-2020-14155)
More info:
https://support.f5.com/csp/article/K02219239?utm_source=f5support&utm_medium=RSS
A little over a year ago we enabled Enhanced Tracking Protection (ETP) by default in Firefox. We did so because we recognize that tracking poses a threat to society, user … The post “Firefox 79 includes protections against redirect tracking” appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/08/04/firefox-79-includes-protections-against-redirect-tracking/
On July 13, 2020, our Threat Intelligence team was alerted to a recently patched vulnerability in Newsletter, a WordPress plugin with over 300,000 installations. While investigating this vulnerability, we discovered two additional, more serious vulnerabilities, including a reflected Cross-Site Scripting (XSS) vulnerability and a PHP Object Injection vulnerability. We reached out to the plugin’s author on […]
More info:
https://www.wordfence.com/blog/2020/08/newsletter-plugin-vulnerabilities-affect-over-300000-sites/
In the Feature Spotlight posts, we highlight a feature in iThemes Security Pro and share a bit about why we developed the feature, who the feature is for, and how to use the feature. Today we are going to cover Local Brute Force Protection and Banned Users, two great features in the iThemes Security Pro […]
More info:
https://ithemes.com/ithemes-security-pro-feature-spotlight-local-brute-force-protection-banned-users/
jQuery vulnerability CVE-2020-11023. Security Advisory Description: In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements ...
More info:
https://support.f5.com/csp/article/K66544153?utm_source=f5support&utm_medium=RSS
jQuery vulnerability CVE-2020-11022. Security Advisory Description: In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even ...
More info:
https://support.f5.com/csp/article/K02453220?utm_source=f5support&utm_medium=RSS
Multiple QEMU vulnerabilities CVE-2020-13791, CVE-2020-13800, CVE-2020-15469, CVE-2020-15859, and CVE-2020-15863. Security Advisory Description: CVE-2020-13791 hw/pci/pci.c in QEMU ...
More info:
https://support.f5.com/csp/article/K69488451?utm_source=f5support&utm_medium=RSS
In this week’s news, our Threat Intelligence team discovered a vulnerability in the wpDiscuz plugin, affecting over 80,000 WordPress sites. A blind SQL injection attack affected analytics service Waydev, exposing OAuth tokens for GitHub repositories for software companies, leading to further breaches. A debate about problematic admin notices on the WordPress admin dashboard has many […]
More info:
https://www.wordfence.com/blog/2020/07/episode-80-critical-file-upload-vulnerability-in-wpdiscuz-plugin/
Discover the tips and techniques used to attack and break into Joomla based websites. An understanding of these hacker techniques will enable you to be prepared to keep your sites secure. Additionally, penetration testers or red teams needing to exploit Joomla targets will also find practical hints in this guide. Enumeration | Recon 1. Joomla […]
More info:
https://hackertarget.com/attacking-enumerating-joomla/