The following post was written by Kris Hadlock, President and CTO, at website migration specialist WordHerd. Migrating a website from one platform to another may seem like a straightforward process, but there are many factors to take into consideration. You may be thinking that it simply involves a copy and paste of content, downloading and… […]
More info:
https://wpengine.com/blog/understanding-top-website-migration-factors/
A few weeks ago, our Threat Intelligence team discovered several vulnerabilities present in Page Builder: PageLayer – Drag and Drop website builder, a WordPress plugin actively installed on over 200,000 sites. The plugin is from the same creators as wpCentral, a plugin within which we recently discovered a privilege escalation vulnerability. One flaw allowed any […]
More info:
https://www.wordfence.com/blog/2020/05/high-severity-vulnerabilities-in-pagelayer-plugin-affect-over-200000-wordpress-sites/
When it comes to managing your WordPress site, keeping your login secure and working well should be of top priority. Whether you operate an eCommerce store, or a membership site, making sure that your users utilize a strong username and password combination is essential to securing your website against outside threats and hacking attempts. And […]
More info:
https://www.wpwhitesecurity.com/wordpress-secure-login-plugins/
When it comes to managing your WordPress site, keeping your login secure and working well should be of top priority. Whether you operate an eCommerce store, or a membership site, making sure that your users utilize a strong username and password combination is essential to securing your website against outside threats and hacking attempts. And […]
More info:
https://www.wpwhitesecurity.com/wordpress-secure-login-plugins/
Project: Drupal coreDate: 2020-May-20Security risk: Moderately critical 10∕25 AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:AllVulnerability: Open RedirectCVE IDs: CVE-2020-13662 Description: Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.The vulnerability is caused by insufficient validation of the destination query parameter in the drupal_goto()
More info:
https://www.drupal.org/sa-core-2020-003
Project: Drupal coreDate: 2020-May-20Security risk: Moderately critical 10∕25 AC:Basic/A:None/CI:None/II:None/E:Theoretical/TD:AllVulnerability: Open RedirectCVE IDs: CVE-2020-13662 Description: Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.The vulnerability is caused by insufficient validation of the destination query parameter in the drupal_goto()
More info:
https://www.drupal.org/sa-core-2020-003
Będąc wykorzystywanym przez jedną trzecią wszystkich stron internetowych, WordPress zawsze przyciąga uwagę hakerów. W ostatnich latach zasięg ataków na WordPress jest alarmujący i wymaga działania. Pomimo ataków WordPress Security jest wciąż bardzo źle rozumianą i niedocenianą koncepcją. Właściciele witryn uważają, że wygodniej jest je przeoczyć.
More info:
https://www.getastra.com/blog/cms/wordpress-security/przewodnik-bezpieczenstwa-wordpress/
New WordPress plugin and theme vulnerabilities were disclosed during the second half of May, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. New WordPress plugin and […]
More info:
https://ithemes.com/wordpress-vulnerability-roundup-may-2020-part-2/
Apache Tomcat vulnerability CVE-2020-9484 Security Advisory Security Advisory Description When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to ...
More info:
https://support.f5.com/csp/article/K03121171?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2019-19062 Security Advisory Security Advisory Description A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3 ...
More info:
https://support.f5.com/csp/article/K84797753?utm_source=f5support&utm_medium=RSS
