Email Subscribers & Newsletters <= 4.1.6 – Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9508
CformsII <= 15.0.1 – Unauthenticated HTML Injection & CSRF
More info:
https://wpvulndb.com/vulnerabilities/9505
Ultimate Member <= 2.0.53 – Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9506
Simple Membership <= 3.8.4 – Cross-Site Request Forgery (CSRF)
More info:
https://wpvulndb.com/vulnerabilities/9482
Kubernetes Security Issue (CVE-2019-11249)
Last Updated: August 15, 2019 9:00AM PDT CVE Identifier: CVE-2019-11249 AWS is aware of a security issue (CVE-2019-11249) which resolves incomplete fixes for CVE-2019-1002101 and CVE-2019-11246. Like the aforementioned CVEs, the issue is in the Kubernetes kubectl tool that could allow a malicious container to replace or create files on a users workstation. If a user were to run an untrusted container containing a malicious version of the tar command and execute the kubectl cp operation, the
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2019-007/
Responsive Menu <= 3.1.3 – XSS and CSRF
More info:
https://wpvulndb.com/vulnerabilities/9509
DSA-4500 chromium – security update
Several vulnerabilities have been discovered in the chromium web browser.
More info:
https://www.debian.org/security/2019/dsa-4500
Podcast Episode 38: Automattic Buys Tumblr from Verizon
https://www.wordfence.com/blog/2019/08/podcast-episode-38-automattic-buys-tumblr-verizon/ The Wall Street Journal reported on Monday, August 12, 2019 that Verizon is selling social media and blogging platform Tumblr to Automattic for an undisclosed sum, though rumors state that it may be as low as $3 million dollars. After the announcement, Automattic CEO Matt Mullenweg discussed the news on PostStatus, stating that they […]
More info:
https://www.wordfence.com/blog/2019/08/podcast-episode-38-automattic-buys-tumblr-verizon/
Password Policy Manager 1.4: premium trials, advantageous pricing & plugin improvements
https://www.wpwhitesecurity.com/password-policies-manager-1-4/In September 2018 we released the first version of the Password Policy Manager plugin for WordPress. The plugin has been a great success. It helps hundreds of administrators ensure their WordPress users use very strong passwords. Today we are announcing update 1.4 of the plugin. With this update we are allowing users to trial the […]
More info:
https://www.wpwhitesecurity.com/password-policies-manager-1-4/
DSA-4497 linux – security update
Several vulnerabilities have been discovered in the Linux kernel thatmay lead to a privilege escalation, denial of service or informationleaks.
More info:
https://www.debian.org/security/2019/dsa-4497