In the April edition of our “People of WordPress” series, you’ll find out how Mario Peshev went from self-taught developer to teaching basic digital literacy.
Archive for security
Looking for cool ideas for connecting with friends and family? We repurposed remote working tools! Read more about creating connections during the quarantine.
The month of March was both a tough and exciting time for the WordPress open-source project. With COVID-19 declared a pandemic, in-person events have had to adapt quickly – a challenge for any community. March culminated with the release of WordPress 5.4, an exhilarating milestone only made possible by dedicated contributors. For all the latest, […]
If you’re looking for an eCommerce Solution for your business, installing Magento using cPanel is much easier than you think. What is Magento? No, not the metal-manipulating Super Villain from the X-Men comics. Magento is one of the most popular open-source eCommerce platforms for businesses on the internet. Built on the Zend Framework and written in PHP, Magento is the “world’s leading platform for open commerce innovation.” Magento Partners include a diverse portfolio of small, medium, and large businesses across the …
Just like Coronavirus itself, the Coronavirus-themed cybercrime it has spawned is quickly becoming a pandemic of its own. Cybercriminals have been quick to take advantage of the media attention on the story, using lures with a Coronavirus theme. Many of the attacks Netcraft has observed have used the fear and uncertainty surrounding the situation to trigger a response from their victims.
Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly after it was declared a pandemic by the WHO.
You need a professional email address for your business, and here’s how to make that happen with cPanel webmail. Putting your best foot forward as both an individual and a business can start with something as simple as having a professional-looking email address. For a bit of context, think back to the email address you had in high school or college. How many of you had a favorite movie or band or sports team in …
WordPress 5.4 “Adderley”
Version 5.4 “Adderley” of WordPress is available for download or update in your WordPress dashboard. This version brings you more ways to make content come alive with your best images and helps make your vision real by putting blocks in the perfect place.
Software tools to prevent attacks on servers and sites
The post Software tools to prevent attacks on servers and sites appeared first on Plesk.
WordPress 5.4 RC5
The fifth release candidate for WordPress 5.4 is live! WordPress 5.4 is currently scheduled to land on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! You can test the WordPress 5.4 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) […]
As a customer and partner, you have multiple ways to receive our help and support at any time, from anywhere. You have the power in your hands to obtain the knowledge and expertise necessary for your business to continue successfully without interruption. cPanel & WHM is a robust assortment of tools with a variety of applications for their use. These tools are widely used and adopted, and there are a lot of resources available. That means …
Netcraft has tracked Coronavirus-themed cybercrime since 16th March, shortly after it was declared a pandemic by the WHO. Scammers have been quick to take advantage of the massive worldwide attention to Coronavirus (COVID-19), and are increasingly making use of it as a theme for online fraud.
Netcraft is the largest provider of anti-phishing takedowns in the world and provides countermeasures against some 75 other types of cybercrime for governments, internet infrastructure and many of the world’s largest banks and enterprises.
cPanel employees are sharing their experiences working remotely to help everyone succeed while working from their homes. Below you’ll find some of our best tips for working remotely that the cPanel team has been passing back and forth.
WordPress 5.4 RC4
The fourth release candidate for WordPress 5.4 is live! WordPress 5.4 is currently scheduled to land on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! You can test the WordPress 5.4 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) […]
First, we want to assure you that we are here to support you and your business during this time of uncertainty. We are implementing our tested plans to keep operations up and running, and our goal remains to continue with uninterrupted operations and service to our Partners and customers. Adjusting to the current COVID-19 situation has been a task that everyone across the world has had to deal with. cPanel has been no different, and we …
WordPress 5.4 RC3
The third release candidate for WordPress 5.4 is now available! WordPress 5.4 is currently scheduled to be released on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! There are two ways to test the WordPress 5.4 release candidate: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
WordPress 5.4 RC2
The second release candidate for WordPress 5.4 is now available! WordPress 5.4 is currently scheduled to be released on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! There are two ways to test the WordPress 5.4 release candidate: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 1.7.0-3.9.15
- Exploit type: SQL Injection
- Reported Date: 2020-March-9
- Fixed Date: 2020-March-10
- CVE Number: CVE-2020-10243
Description
The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the “Featured Articles” frontend menutype.
Affected Installs
Joomla! CMS versions 1.7.0 – 3.9.15
Solution
Upgrade to version 3.9.16
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.7.0-3.9.15
- Exploit type: Incorrect Access Control
- Reported Date: 2020-February-28
- Fixed Date: 2020-March-10
- CVE Number: CVE-2020-10239
Description
Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.
Affected Installs
Joomla! CMS versions 3.7.0 – 3.9.15
Solution
Upgrade to version 3.9.16
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 3.0.0-3.9.15
- Exploit type: Other
- Reported Date: 2020-February-07
- Fixed Date: 2020-March-10
- CVE Number: CVE-2020-10240
Description
Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.
Affected Installs
Joomla! CMS versions 3.0.0 – 3.9.15
Solution
Upgrade to version 3.9.16
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 2.5.0-3.9.15
- Exploit type: Incorrect Access Control
- Reported Date: 2020-January-31
- Fixed Date: 2020-March-10
- CVE Number: CVE-2020-10238
Description
Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.
Affected Installs
Joomla! CMS versions 2.5.0 – 3.9.15
Solution
Upgrade to version 3.9.16
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0-3.9.15
- Exploit type: XSS
- Reported Date: 2020-February-24
- Fixed Date: 2020-March-10
- CVE Number: CVE-2020-10242
Description
Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks.
Affected Installs
Joomla! CMS versions 3.0.0 – 3.9.15
Solution
Upgrade to version 3.9.16
Contact
The JSST at the Joomla! Security Centre.
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.2.0-3.9.15
- Exploit type: CSRF
- Reported Date: 2020-February-06
- Fixed Date: 2020-March-10
- CVE Number: CVE-2020-10241
Description
Missing token checks in the image actions of com_templates cause CSRF vulnerabilities.
Affected Installs
Joomla! CMS versions 3.2.0 – 3.9.15
Solution
Upgrade to version 3.9.16
Contact
The JSST at the Joomla! Security Centre.
In the March edition of our “People of WordPress” series, you’ll find out how Mary Job grew from a timid, curious cat into a public speaker and organizer of WordPress Meetups and WordCamps.
The first release candidate for WordPress 5.4 is now available! This is an important milestone as we progress toward the WordPress 5.4 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.4 is currently […]
More than 850,000 websites still rely on the outdated TLS 1.0 and TLS 1.1 protocols that are scheduled to be blocked by the majority of web browsers this month. These older versions of the Transport Layer Security protocol, which date back to 1999 and 2006, are vulnerable to numerous practical attacks that have been resolved in later versions. Among the sites still using these outdated setups are major banks, governments, news, and telecoms companies.
February 2020 was a busy month in the WordPress project! Most notably, there was an outpouring of sentiment in response to the unfortunate cancellation of WordCamp Asia. However, the team continues to work hard in the hopes of making WordCamp Asia 2021 happen. In addition, there were a number of releases and some exciting new […]
WordPress 5.4 Beta 3
WordPress 5.4 Beta 3 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. You can test the WordPress 5.4 beta in two ways: Try the WordPress Beta Tester plugin (choose “bleeding edge nightlies” […]
As mentioned in this post, Matt will host a livestream on February 22 during Bangkok daylight hours. He opened an invitation to any speaker who was affected by the cancellation, and the livestream will include the following fine people: Imran Sayed, Md Saif Hassan, Muhammad Muhsin, Nirav Mehta, Piccia Neri, Umar Draz, and Francesca Marano […]
cPanel continues to move towards a more modern user interface framework to provide the best product experience possible. That’s why we are going to start shifting away from Internet Explorer 11, starting with Version 88. This change not only offers a better user experience, but it also allows us to be more efficient in our development process. We are encouraging cPanel Partners and users to discontinue the use of IE11 as their primary web browser …
WordPress 5.4 Beta 2
WordPress 5.4 Beta 2 is now available! This software is still in development, so we don’t recommend running it on a production site. Consider setting up a test site to play with the new version. You can test WordPress 5.4 beta 2 in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) Or download […]