The fourth release candidate for WordPress 5.3 is now available! WordPress 5.3 is currently scheduled to be released on November 12 2019, but we need your help to get there—if you haven’t tried 5.3 yet, now is the time! There are two ways to test the WordPress 5.3 release candidate: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
Archive for November 5th, 2019
5 results.
[20191002] – Core – Path Disclosure in phpuft8 mapping files
Nov05
on November 5, 2019
at 1:00 pm
Posted In: Uncategorized
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.6.0 – 3.9.12
- Exploit type: Path Disclosure
- Reported Date: 2019-November-01
- Fixed Date: 2019-November-05
- CVE Number: CVE-2019-18674
Description
Missing access check in the phputf8 mapping files could lead to an path disclosure.
Affected Installs
Joomla! CMS versions 3.6.0 – 3.9.12
Solution
Upgrade to version 3.9.13
Contact
The JSST at the Joomla! Security Centre.
Reported By: Phil Taylor
Comment
[20191001] – Core – CSRF in com_template overrides view
Nov05
on November 5, 2019
at 1:00 pm
Posted In: Uncategorized
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.2.0-3.9.12
- Exploit type: CSRF
- Reported Date: 2019-October-10
- Fixed Date: 2019-November-05
- CVE Number: CVE-2019-18650
Description
A missing token check in com_template causes a CSRF vulnerability.
Affected Installs
Joomla! CMS versions 3.2.0 – 3.9.12
Solution
Upgrade to version 3.9.13
Contact
The JSST at the Joomla! Security Centre.
Reported By: Lee Thao from Viettel Cyber Security
Joomla 3.9.13 is now available. This is a security fix release for the 3.x series of Joomla which addresses two security vulnerabilities and contains over 15 bug fixes and improvements.
The post Getting Plesk support for your HTTP/2 appeared first on Plesk.