Many of the WordPress contribution teams have been working hard on the new WordPress editor, and the tools, services, and documentation surrounding it. Read on to find out more about this ongoing project, as well as everything else that has been happening around the WordPress community in August. WordPress 4.9.8 is Released WordPress 4.9.8 was […]
Archive for CMS
Joomla 3.8.12 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 20 bug fixes and improvements.
[20180803] – Core – ACL Violation in custom fields
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.7.0 through 3.8.11
- Exploit type: ACL Violation
- Reported Date: 2018-July-10
- Fixed Date: 2018-August-28
- CVE Number: CVE-2018-15881
Description
Inadequate checks regarding disabled fields can lead to an ACL violation.
Affected Installs
Joomla! CMS versions 3.7.0 through 3.8.11
Solution
Upgrade to version 3.8.12
Contact
The JSST at the Joomla! Security Centre.
[20180802] – Core – Stored XSS vulnerability in the frontend profile
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 1.5.0 through 3.8.11
- Exploit type: XSS
- Reported Date: 2018-July-10
- Fixed Date: 2018-August-28
- CVE Number: CVE-2018-15880
Description
Inadequate output filtering on the user profile page could lead to a stored XSS attack.
Affected Installs
Joomla! CMS versions 1.5.0 through 3.8.11
Solution
Upgrade to version 3.8.12
Contact
The JSST at the Joomla! Security Centre.
[20180801] – Core – Hardening the InputFilter for PHAR stubs
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 1.5.0 through 3.8.11
- Exploit type: Malicious file upload
- Reported Date: 2018-August-23
- Fixed Date: 2018-August-28
- CVE Number: CVE-2018-15882
Description
Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter.
Affected Installs
Joomla! CMS versions 1.5.0 through 3.8.11
Solution
Upgrade to version 3.8.12
Contact
The JSST at the Joomla! Security Centre.
13 years ago, we set out with a vision – to develop a CMS that stood firm on its Open Source values. Instantly, the community was behind us – with more than a thousand people joining our project within just one day. Fast forward 13 years and you could say that we’ve come a long way. 14 versions in (major/minor), Joomla! now powers millions of websites, with more than 7950 extensions lining the digital shelves of our extension directory.
Earlier today we issued a Press Release about some very exciting news around cPanel & WHM. Below we answer some of the most common questions so far. Q: What was announced? A: On August 20th, 2018, cPanel signed an agreement to be acquired by a group led by Oakley Capital (Oakley). While Nick sold his interest in cPanel, he will continue to be an owner of the company that owns cPanel. …
Hello again from the world of Customer Service! Over the past several months, we have seen many customers inquire into the cPanel App, its features, and how to set it up. I would like to cover these things and more right here! What is the cPanel App? The cPanel App is an app for Android and iOS devices that allows you to manage your cPanel & WHM accounts. This app is available to provide quick …
We are pleased to announce the immediate availability of WordPress 4.9.8. This maintenance release fixes 46 bugs, enhancements and blessed tasks, including updating the Twenty Seventeen bundled theme. Following are the highlights of what is now available. “Try Gutenberg” callout Most users will now be presented with a notice in their WordPress dashboard. This “Try Gutenberg” […]
With WordPress 5.0 coming closer, there’s lots of work going on all across the project. Read on to learn about how we progressed in July. Release of WordPress 4.9.7 On July 5, WordPress 4.9.7 was released, fixing one security issue and 17 other bugs across the platform. While this is a minor release, incremental fixes […]
5 Reasons Why You Shouldn’t Miss cPanel Conference 2018
The annual cPanel Conference is headed home to vibrant Houston, TX! Attracting attendees from around the globe, you will get an exclusive opportunity for personal development, intense learning, and the best networking events in the industry. While we believe that there are countless reasons why you should attend the cPanel Annual Conference, we’ve managed to narrow it down to five. Hear from the experts Our speakers are …
Joomla 3.8.11 is now available. This is a bug fix release for the 3.x series of Joomla including over 35 bug fixes and improvements.
Legacy Backup Deprecation in cPanel & WHM Version 74
The Legacy Backup system will be deprecated in cPanel & WHM Version 74, and we anticipate support for Legacy Backups will be removed in Version 82 (currently expected in mid-2019). Before that happens, though, we are focusing on expanding the functionality available for the “new” Backup System. This replacement for the Legacy Backup system offers a more robust, faster, and overall better backup solution. Better, Stronger… In case you haven’t heard, the cPanel & WHM Backup System, …
Early this year Google announced that it would start warning users when a site they visited was not using an SSL, and we helped you understand the reasons behind SSLs. Today, let’s talk about picking the right one! No matter what sort of website you may host, protecting and encrypting the data transmitted over the internet has never been more important. From consumer apprehension due to browser warnings to identity theft due to …
To keep everyone aware of big projects and efforts across WordPress contributor teams, I’ve reached out to each team’s listed representatives. I asked each of them to share their Top Priority (and when they hope for it to be completed), as well as their biggest Wins and Worries. Have questions? I’ve included a link to […]
Progress on the Gutenberg project, the new content creating experience coming to WordPress, has come a long way. Since the start of the project, there have been 30 releases and 12 of those happened after WordCamp US 2017. In total since then, there have been 1,764 issues opened and 1,115 closed as of WordCamp Europe. […]
WordPress 4.9.7 Security and Maintenance Release
WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads […]
With one of the two flagship WordCamp events taking place this month, as well as some important WordPress project announcements, there’s no shortage of news. Learn more about what happened in the WordPress community in June. Another Successful WordCamp Europe On June 14th, WordCamp Europe kicked off three days of learning and contributions in Belgrade. […]
Git Version Control: Soon with Automatic Deployment!
This is the sixth and final blog post in a series around Git and a new feature in version 72, Git Version Control. See the full list of entries in this series at the end of this post! This post talks about something that we’re adding in Version 74, which we expect will be entering EDGE sometime during the first week of July, and will be headed to CURRENT sometime in July! If you have been …
A new well-designed phishing email has been aimed at cPanel users recently, and we want to help all of our users stay safe. What is Phishing? Phishing, by definition, is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Phishing emails can be sent to any email address. The most effective phishing emails make use …
Joomla 3.8.10 is now available. This is a bug fix release addressing one bug introduced into 3.8.9 which affects Windows servers.
Joomla 3.8.9 is now available. This is a security release which addresses 2 security vulnerabilities and contains over 50 bug fixes and improvements.
[20180602] – Core – XSS vulnerability in language switcher module
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 1.6.0 through 3.8.8
- Exploit type: XSS
- Reported Date: 2018-May-07
- Fixed Date: 2018-June-26
- CVE Number: CVE-2018-12711
Description
In some cases the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL.
Affected Installs
Joomla! CMS versions 1.6.0 through 3.8.8
Solution
Upgrade to version 3.8.9
Contact
The JSST at the Joomla! Security Centre.
[20180601] – Core – Local File Inclusion with PHP 5.3
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 2.5.0 through 3.8.8
- Exploit type: LFI
- Reported Date: 2018-April-23
- Fixed Date: 2018-June-26
- CVE Number: CVE-2018-12712
Description
Our autoload code checks that class names are valid, using the “class_exists” function in PHP. In PHP 5.3 this function validates invalid names as valid, which can result in a Local File Inclusion.
Affected Installs
Joomla! CMS versions 2.5.0 through 3.8.8
Solution
Upgrade to version 3.8.9
Contact
The JSST at the Joomla! Security Centre.
New SSL Standard Hooks for cPanel & WHM Integrators!
Hello, all you lovely people out in third-party developerland! Don’t you hate it when you’re installing an SSL certificate through a script or API calls, but there’s some action that you want to take before or after the installation? Well, thanks to the hardworking folks on the Development Team, cPanel & WHM Version now includes a Standardized Hook for the SSL Installation event. What is a Standard Hook? Standardized Hooks are our way to help developers trigger events …
Git Version Control Series: Git Problems and How to Fix Them
This is the fifth in a series of blog posts around Git and a new feature in cPanel & WHM Version 72, Git Version Control. In case you missed the others, there is a list at the bottom of this post. Keep watching for a new one every Wednesday! If you follow our feature request site, you already know about our upcoming feature, Git Version Control. We have designed it to make hosting repositories …
cPanel & WHM’s Convert Addon to Account tool
This post was originally added to our blog on Aug 18th, 2016. It has been updated for accuracy and readability. In the blog post “Managing Multiple Domains from a Single Hosting Account,” we explain how to manage different domains you may own in a single cPanel hosting account. There may be certain circumstances or occasions where you will want to split off an addon domain into its own cPanel account. In the following blog post, …
Managing Multiple Domains from a Single Hosting Account
This post was originally added to our blog on January 31st, 2012. It has been updated for accuracy and readability. cPanel has made it easier to manage your domains in a single place. In this post, we will go over how to add another domain to your existing cPanel account. This tutorial will require that you have a hosting account and have access to cPanel to add the domain. Are you unfamiliar with what DNS is or what the different …
Git Version Control Series: Setting Up Git
This is the fourth in a series of blog posts around Git and a new feature in cPanel & WHM Version 72, Git Version Control. In case you missed them, there is a list at the bottom of this post. Keep watching for a new one every Wednesday! If you follow our feature request site, you already know about our upcoming feature, Git™ Version Control. We’re designing it to make hosting repositories as easy …