Blog

Publicado el

OS Command Injection Vulnerability Patched In WP Database Backup Plugin

https://www.wordfence.com/blog/2019/05/os-command-injection-vulnerability-patched-in-wp-database-backup-plugin/ Toward the end of April, an unnamed security researcher published details of an unpatched vulnerability in WP Database Backup, a WordPress plugin with over 70,000 users. The vulnerability, which was irresponsibly disclosed to the public before attempting to notify the plugin’s developers, was reported as a plugin configuration change flaw. A proof of concept […] More info: https://www.wordfence.com/blog/2019/05/os-command-injection-vulnerability-patched-in-wp-database-backup-plugin/
Publicado el

Privilege Escalation Flaw Present In Slick Popup Plugin

https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/ In April, our Threat Intelligence team identified a privilege escalation flaw present in the latest version of Slick Popup, a WordPress plugin with approximately 7,000 active installs. We notified the developers, a firm called Om Ak Solutions, who acknowledged the issue and informed us that a patch would be released. Per our disclosure policy, […] More info: https://www.wordfence.com/blog/2019/05/privilege-escalation-flaw-present-in-slick-popup-plugin/
Publicado el

Appliance mode tmsh vulnerability CVE-2019-6616

Appliance mode tmsh vulnerability CVE-2019-6616 Security Advisory Security Advisory Description On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, ... More info: https://support.f5.com/csp/article/K82814400
Publicado el

DNS vulnerability CVE-2019-6612

DNS vulnerability CVE-2019-6612 Security Advisory Security Advisory Description On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, DNS query TCP ... More info: https://support.f5.com/csp/article/K24401914
Translate »