All-in-One WP Migration <= 6.97 – Authenticated Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9461
WPS Child Themes Generator <= 1.1 – Path Traversal
More info:
https://wpvulndb.com/vulnerabilities/9470
DSA-4487 neovim – security update
User Arminius discovered a vulnerability in Vim, an enhanced version of thestandard UNIX editor Vi (Vi IMproved), which also affected the Neovim fork, anextensible editor focused on modern code and features:
More info:
https://www.debian.org/security/2019/dsa-4487
WPS Cleaner <= 1.4.4 – Multiple Issues
More info:
https://wpvulndb.com/vulnerabilities/9473
What is regulatory compliance & how does it affect WordPress security?
https://www.wpwhitesecurity.com/regulatory-compliance-effects-wordpress-website-security/In order to do business, your WordPress website and business have to adhere to rules and regulations. These rules and regulations may take the form of laws (such as GDPR or HIPAA). They may also be compliance requirements, such as PCI DSS or ISO 27001, and may vary from one country to the other. What […]
More info:
https://www.wpwhitesecurity.com/regulatory-compliance-effects-wordpress-website-security/
How to Perform a Website Security Audit ( with Checklist)
http://feedproxy.google.com/~r/sucuri/blog/~3/4nBWp6g1BEI/how-to-perform-a-website-security-audit-with-checklist.html Why Should You Audit Your Website for Security? Most hacks and cyber attacks happen because of poor security practices. The first step you can take to improve your online security is knowing exactly what’s installed on your website. Having a checklist can help you stay on top of website security. Website Audit Checklist Here […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/4nBWp6g1BEI/how-to-perform-a-website-security-audit-with-checklist.html
WPS Limit Login <= 1.4.5 – Multiple Issues
More info:
https://wpvulndb.com/vulnerabilities/9471
Podcast Episode 32: WordPress Vulnerabilities Targeted, iOS Security Update & the Equifax Settlement
https://www.wordfence.com/blog/2019/07/podcast-episode-32-wordpress-vulnerabilities-targeted-ios-security-update-the-equifax-settlement/ This week, we cover WordPress vulnerabilities targeted by a malvertising campaign and an important iOS security update. We also look at Equifax’s $700 million settlement and a recent uptick of new breaches added to Have I Been Pwned. Along with other news and a summary of WordCamp Boston, we talk about the film project […]
More info:
https://www.wordfence.com/blog/2019/07/podcast-episode-32-wordpress-vulnerabilities-targeted-ios-security-update-the-equifax-settlement/
NTP vulnerability CVE-2019-11331
NTP vulnerability CVE-2019-11331 Security Advisory Security Advisory Description Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is ...
More info:
https://support.f5.com/csp/article/K09940637
DSA-4485 openjdk-8 – security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime,resulting in information disclosure, denial of service or bypass ofsandbox restrictions. In addition the implementation of elliptic curvecryptography was modernised.
More info:
https://www.debian.org/security/2019/dsa-4485