Blog

https://www.wordfence.com/blog/2020/02/improper-access-controls-in-gdpr-cookie-consent-plugin/ Description: Improper Access ControlsAffected Plugin: GDPR Cookie ConsentAffected Versions: <= 1.8.2CVSS Score: 9.0 (Critical)CVSS Vector:CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HPatched Version: 1.8.3 The following post describes how improper access controls lead to a stored cross-site scripting vulnerability in the GDPR Cookie Consent plugin that emerged after it was removed from the More info: https://www.wordfence.com/blog/2020/02/improper-access-controls-in-gdpr-cookie-consent-plugin/

More info: https://wpvulndb.com/vulnerabilities/10069

Red Hat JBoss vulnerability CVE-2015-7501 Security Advisory Security Advisory Description Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization ( ... More info: https://support.f5.com/csp/article/K04734219?utm_source=f5support&utm_medium=RSS

The Multi-Account Containers Add-on will now sync your container configuration and site assignments. Firefox Multi-Account Containers allows users to separate their online identities into different tab types called Containers. Each Container has its own separate storage and cookies. This way, … Continue readingThe post Multi-Account Containers Add-on Sync Feature appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2020/02/06/multi-account-containers-sync/

More info: https://wpvulndb.com/vulnerabilities/10068

https://wpvulndb.com/vulnerabilities/10066 More info: https://wpvulndb.com/vulnerabilities/10066

https://ithemes.com/ithemes-security-pro-lockouts-guide/iThemes Security Pro lockouts are a way to harden your website against external attacks, including WordPress brute force attacks. In this guide, we’ll cover iThemes Security Pro lockouts and how to use them. Keep reading for tips to avoid the dreaded lockout screen (in case you or your client has accidentally locked yourself out of […] More info: https://ithemes.com/ithemes-security-pro-lockouts-guide/

https://www.wordfence.com/blog/2020/02/podcast-episode-64-backdoors-webshells-and-the-growing-risks-of-leaks-breaches/ We take a look at the annual hacked site report from GoDaddy’s Sucuri Security and the types of malware they found in various CMS and shopping cart applications. Microsoft reports they’re finding 77k webshells daily, and WP Scan’s roundup lists a number of popular plugins and themes with recent vulnerabilities. A report from students […] More info: https://www.wordfence.com/blog/2020/02/podcast-episode-64-backdoors-webshells-and-the-growing-risks-of-leaks-breaches/

Apache HTTPD vulnerability CVE-2018-1301 Security Advisory Security Advisory Description A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an ... More info: https://support.f5.com/csp/article/K78131906?utm_source=f5support&utm_medium=RSS

Apache HTTPD vulnerability CVE-2018-1301 Security Advisory Security Advisory Description A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an ... More info: https://support.f5.com/csp/article/K78131906?utm_source=f5support&utm_medium=RSS