With the release of cPanel & WHM version 82 to CURRENT this week, we are adding several new UAPI modules and functions. These new functions replace several previously-deprecated cPanel API 1 functions. For a complete list of API calls that we’ve added so far, read our Guide to Replacing cPanel API 1 functions with UAPI equivalents documentation. Our goal is to provide a more seamless experience for anyone who integrates with cPanel & WHM. What is an API, and who uses …
Archive for security
[20190701] – Core – Filter attribute in subform fields allows remote code execution
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.9.7 – 3.9.8
- Exploit type: Remote Code Execution
- Reported Date: 2019-June-20
- Fixed Date: 2019-July-09
- CVE Number: TBA
Description
Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.
Affected Installs
Joomla! CMS versions 3.9.7 – 3.9.8
Solution
Upgrade to version 3.9.9
Contact
The JSST at the Joomla! Security Centre.
Late last week, we announced a new licensing and pricing structure for cPanel. This change was the result of several months of conversations and modeling to ensure we understood as many use cases for cPanel & WHM hosting as possible. In the days following our announcement, we have heard from many of our Partners, both online and on the phone, and the feedback has been clear. Our analysis of use cases was incomplete, …
June has certainly been a busy month in the WordPress community — aside from holding the largest WordPress event ever, the project has hit a number of significant milestones and published some big announcements this past month. A Wrap for WordCamp Europe 2019 WordCamp Europe 2019 took place on June 20-22. It was the largest […]
Today, we announced a new pricing and licensing structure to our Partners, Distributors, and our cPanel Store customers. Our pricing and licensing will now be standardized for all of our customers, be billed monthly, and include multiple Tiers. When cPanel defined its original pricing structure, some twenty plus years ago, servers were not as powerful as they are today. Thanks to constant innovation in the hardware sector and optimization in our software, we can now run hundreds …
cPanel Application Manager and App Deployment 101
Researching another piece I’ve been writing, I realized that I was grossly unfamiliar with a portion of the cPanel & WHM product. For a bit of background, I’ve been using cPanel & WHM for about nine years now, mostly from the end user and system administrator perspectives. Admittedly, I am not a developer, nor do I pretend to be one. Between you and me, I have immense respect for developers and the dark arts magic that …
WordPress 5.2.2 is now available! This maintenance release fixes 13 bugs and adds a little bit of polish to the Site Health feature that made its debut in 5.2. For more info, browse the full list of changes on Trac or check out the Version 5.2.2 documentation page. WordPress 5.2.2 is a short-cycle maintenance release. The next […]
Acronis and ZNetLive join forces to offer new security solution
The post Acronis and ZNetLive join forces to offer new security solution appeared first on Plesk.
[20190603] – Core – ACL hardening of com_joomlaupdate
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.8.13 through 3.9.6
- Exploit type: Incorrect Access Control
- Reported Date: 2019-April-10
- Fixed Date: 2019-June-11
- CVE Number: CVE-2019-12764
Description
The update server URL of com_joomlaupdate can be manipulated by non-Super-Admin users.
Affected Installs
Joomla! CMS versions 3.8.13 through 3.9.6
Solution
Upgrade to version 3.9.7
Contact
The JSST at the Joomla! Security Centre.
[20190602] – Core – XSS in subform field
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.6.0 through 3.9.6
- Exploit type: XSS
- Reported Date: 2019-January-01
- Fixed Date: 2019-June-11
- CVE Number: CVE-2019-12766
Description
The subform fieldtype does not sufficiently filter or validate input of subfields, which leads to XSS attack vectors.
Affected Installs
Joomla! CMS versions 3.6.0 through 3.9.6
Solution
Upgrade to version 3.9.7
Contact
The JSST at the Joomla! Security Centre.
[20190601] – Core – CSV injection in com_actionlogs
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.0 through 3.9.6
- Exploit type: CSV Injection
- Reported Date: 2019-April-29
- Fixed Date: 2019-June-11
- CVE Number: CVE-2019-12765
Description
The CSV export of com_actionlogs is vulnerable to CSV injection.
Affected Installs
Joomla! CMS versions 3.9.0 through 3.9.6
Solution
Upgrade to version 3.9.7
Contact
The JSST at the Joomla! Security Centre.
According to Statista, over 3 billion people across the world are expected to have some form of social media account by 2021. That’s 1/3 of the population of the entire planet. While social media use in the business world has been around for the better part of a decade, it has recently become an integral part of growing communities and building brand recognition. Companies use social media as customer outreach, to announce a new …
Exim CVE-2019-10149, how to protect yourself
Exim is the mail server software cPanel & WHM servers use. Last week an exploit for Exim was identified, and today a patch for the exploit was released. This exploit allowed for both local and remote root-level privilege escalation. That means that an attacker does not need access to the server as a user in order to exploit it, unlike most security vulnerabilities that are found. How to Protect Yourself The best …
This month saw the 16th anniversary since the launch of the first release of WordPress. A significant milestone to be sure and one that speaks to the strength and stability of the project as a whole. In this anniversary month, we saw a new major release of WordPress, some exciting new development work, and a […]
It is with great affection that I get to share news of an addition to the WebPros family. Starting today, WHMCS joins us as part of this exciting and growing group of companies that power the hosting industry. Years ago, cPanel and WHMCS began a partnership to improve integration and support between the companies, and the software we build. As a result, cPanel and WHMCS have enjoyed an incredible working relationship for nearly 7 years. So close, in …
Gotta Go Faster: How Installation Times Improved
If you’ve performed a fresh cPanel & WHM installation recently, you may have noticed how much faster the process is. Aside from a lot of under the hood magic (no, not really), an impressive amount of work and planning over multiple years of cPanel & WHM was required. Currently, the time to install cPanel & WHM on a brand new server is averaging between 3 and 15 minutes. That’s a pretty drastic reduction from the 60-90 …
CLEOR: the online jeweller falls victim to a digital skimmer
The French online jeweller CLEOR, which operates 136 jewellery stores, has been infected with a JavaScript skimmer. The injected malicious code is designed to send banking card details to the criminals from Cleor's legitimate online payment form. Skimmers on online shops This attack is one of many […]
WordPress 5.2.1 is now available! This maintenance release fixes 33 bugs, including improvements to the block editor, accessibility, internationalization, and the Site Health feature introduced in 5.2. You can browse the full list of changes on Trac. WordPress 5.2.1 is a short-cycle maintenance release. Version 5.2.2 is expected to follow in approximately two weeks. You can download […]
Removal of PHP 5.6 and PHP 7.0 in EasyApache Profiles
Both PHP 5.6 and PHP 7.0 reached End of Life at the beginning of the year, and are no longer receiving any security patches from PHP. With cPanel & WHM Version 80 moving to the current tier, we are also encouraging users to upgrade to supported PHP versions in EasyApache 4. To help with that, we are removing PHP 5.6 and 7.0 from our default EasyApache profiles. This change only impacts servers running our default …
The fourth edition of WordPress translation day is coming up on Saturday 11 May 2019: tomorrow! Get ready for a 24-hour, global marathon dedicated to localizing the WordPress platform and ecosystem. This event takes place both online and in physical locations across the world, so you can join no matter where you are! The WordPress […]
[20190502] – Core – By-passing protection of Phar Stream Wrapper Interceptor
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.9.3 through 3.9.5
- Exploit type: Object Injection
- Reported Date: 2019-March-27
- Fixed Date: 2019-May-07
Description
In Joomla 3.9.3, the vulnerability of insecure deserialization when executing Phar archives was addressed by removing the known attack vector in the Joomla core. In order to intercept file invocations like file_exists or stat on compromised Phar archives, the base name has to be determined and checked before the file is allowed to be handled by PHP's Phar stream handling. The implementation used, however, is vulnerable to path traversal, leading to scenarios where the Phar archive being assessed is not the actual (compromised) file.
Affected Installs
Joomla! CMS versions 3.9.3 through 3.9.5
Solution
Upgrade to version 3.9.6
Contact
The JSST at the Joomla! Security Centre.
Version 5.2 of WordPress is available for download or update in your WordPress dashboard. New features in this update make it easier than ever to fix your site if something goes wrong. There are even more robust tools for identifying and fixing configuration issues and fatal errors. Whether you are a developer helping clients or you manage your site solo, these tools can help get you the right information when you need it.
[20190501] – Core – XSS in com_users ACL debug views
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 1.7.0 through 3.9.5
- Exploit type: XSS
- Reported Date: 2019-April-29
- Fixed Date: 2019-May-07
- CVE Number: CVE-2019-11809
Description
The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector.
Affected Installs
Joomla! CMS versions 1.7.0 through 3.9.5
Solution
Upgrade to version 3.9.6
Contact
The JSST at the Joomla! Security Centre.
The second release candidate for WordPress 5.2 is now available! WordPress 5.2 will be released on Tuesday, May 7, but we need your help to get there—if you haven’t tried 5.2 yet, now is the time! There are two ways to test the WordPress 5.2 release candidate: try the WordPress Beta Tester plugin (you’ll want […]
This past month has been filled with anticipation as the community builds up towards a big new release, plans some important events, and builds new tools to grow the future of the project. WordPress 5.2 Almost Due for Release WordPress 5.2 is due for release on May 7 with many new features included for developers […]
The post Cloudflare Releases New Warp VPN appeared first on Plesk.
The first release candidate for WordPress 5.2 is now available! This is an important milestone as we progress toward the WordPress 5.2 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.2 is scheduled to […]
One of the more popular topics talked about amongst the cPanel Community is AutoSSL, a tool that automatically installs domain-validated SSL certificates for cPanel services and users’ websites. We haven’t touched on AutoSSL on our blog for a bit, and some of the recent changes added to cPanel & WHM make this an opportune time to revisit one of cPanel’s most popular features. What is AutoSSL? AutoSSL is the solution for one of the most prominent SSL pain points for cPanel & …
Arguably, one of the most requested and popular feature requests submitted for cPanel & WHM has been the addition of the NGINX web server as an alternative to Apache. We have good news for those of you who have been asking: NGINX is coming. Note: as NGINX support on cPanel & WHM servers is still experimental, it will not be available in the WHM graphical user interface right away. Be advised that this is a representation of …
We’ve talked at length about SSL (Secure Sockets Layer) certificates on the cPanel blog, at the 2018 cPanel Conference in Houston, TX, and in many other venues. The importance of having an SSL certificate for the services and websites on your server cannot be overstated. One of the most common support requests from both hosting providers and end-users is: once an SSL certificate is installed for your website, how do you redirect traffic to …