https://ithemes.com/combat-wordpress-brute-force-attacks-ithemes-brute-force-protection-network-free-ithemes-security/A new way to combat WordPress Brute Force Attacks just arrived with the new iThemes Brute Force Protection Network. This new brute force protection setting is available in the latest version of iThemes Security — free to download on the WordPress.org Plugin Directory. Understanding Brute Force Attacks Unlike hacks that focus on vulnerabilities in software, brute […]
More info:
https://ithemes.com/combat-wordpress-brute-force-attacks-ithemes-brute-force-protection-network-free-ithemes-security/
https://www.getastra.com/blog/911/plugin-exploit/stored-xss-vulnerability-found-in-wpforms-plugin/ WPForms Plugin version 1.5.8.2 and below were found to be vulnerable to authenticated stored XSS while I was auditing the plugin. WPForms version 1.5.9 with improved data sanitization was released on March 5, 2020. Summary WPForms is a popular WordPress …
More info:
https://www.getastra.com/blog/911/plugin-exploit/stored-xss-vulnerability-found-in-wpforms-plugin/
Apache Tomcat vulnerability CVE-2020-1935 Security Advisory Security Advisory Description In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used ...
More info:
https://support.f5.com/csp/article/K43709560?utm_source=f5support&utm_medium=RSS
https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/ On February 24th, our Threat Intelligence team discovered several critical vulnerabilities in RegistrationMagic, a WordPress plugin installed on over 10,000 sites, including the vendor’s own site. These allowed an attacker with subscriber-level permissions to elevate their account’s privileges to those of an administrator and to export every form on the site, including all the
More info:
https://www.wordfence.com/blog/2020/03/multiple-vulnerabilities-patched-in-registrationmagic-plugin/
https://www.wpwhitesecurity.com/ppmwp-2-1/Password Policy Manager for WordPress 2.1 is out today! In this plugin update we added a new policy to disable dormant users, support for post login redirect plugins, and several other improvements. This post highlights all that is new and improved in the latest version of Password Policy Manager for WordPress. The dormant WordPress users […]
More info:
https://www.wpwhitesecurity.com/ppmwp-2-1/
https://blogvault.net/wordpress-permissions/The post WordPress Permissions: Fixing File and Folder Uploads Permissions appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.
More info:
https://blogvault.net/wordpress-permissions/
https://www.wordfence.com/blog/2020/03/coupon-creation-vulnerability-patched-in-woocommerce-smart-coupons/ Description: Unauthenticated Coupon CreationAffected Plugin: WooCommerce Smart CouponsAffected Versions: <= 4.6.0CVSS Score: 5.3 (Medium)CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NPatched Version: 4.6.5 Late last month a patch was released for WooCommerce Smart Coupons, a commercial WooCommerce plugin that helps store managers handle coupons and gift certificates. In
More info:
https://www.wordfence.com/blog/2020/03/coupon-creation-vulnerability-patched-in-woocommerce-smart-coupons/
In Case You Missed It As expected, the 2020 RSA Conference was a whirlwind of new announcements and product updates featuring thousands of vendors. Some key takeaways from the conference were: Security is too complicated. Rohit Rhai, RSA Security President, emphasized the point that security leaders are being too technical in their approaches to cybersecurity. The post RSAC 2020 Recap appeared first on Security & Compliance Blog.
More info:
https://blogs.vmware.com/security/2020/03/rsac-2020-recap.html
In Case You Missed It As expected, the 2020 RSA Conference was a whirlwind of new announcements and product updates featuring thousands of vendors. Some of the more notable announcements pertaining to VMware were: The new VMware Advanced Security for Cloud Foundation is designed to enable customers to replace legacy security solutions and deliver The post RSAC 2020 Recap appeared first on Security & Compliance Blog.
More info:
https://blogs.vmware.com/security/2020/03/rsac-2020-recap.html
In Case You Missed It As expected, the 2020 RSA Conference was a whirlwind of new announcements and product updates featuring thousands of vendors. Some of the more notable announcements pertaining to VMware were: The new VMware Advanced Security for Cloud Foundation is designed to enable customers to replace legacy security solutions and deliver The post RSAC 2020 Recap appeared first on Security & Compliance Blog.
More info:
https://blogs.vmware.com/security/2020/03/rsac-2020-recap.html
