Jump to content

Build Theme!
  •  
  • Infected?

Welcome to What the Tech - Register now for FREE

Get answers from experts today. (it's 100% free). Spyware, Virus, Trojan, Rootkit? Remove malware > Virus Removal Forum. Learn how it works.

Create an Account Login to Account


Photo

WordPress update available


  • Please log in to reply
83 replies to this topic

#76 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 24 January 2014 - 01:55 PM

FYI...

WordPress 3.8.1 released
- http://wordpress.org/download/
Jan 23, 2014 - "The latest stable release of WordPress (Version 3.8.1) is available..."

- https://wordpress.org/news/
"... addresses -31- bugs in 3.8, including various fixes and improvements for the new dashboard design and new themes admin screen. An issue with taxonomy queries in WP_Query was resolved..."

ChangeLog
- https://core.trac.wo...&stop_rev=26862

Codex
- http://codex.wordpress.org/Embeds

Summary
- http://make.wordpres...ease-candidate/
 

:ph34r:


This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#77 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 10 April 2014 - 12:33 PM

FYI...

WordPress 3.8.2 released
- https://secunia.com/advisories/57769/
Release Date: 2014-04-10
Criticality: Moderately Critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting
...  vulnerabilities are reported in versions prior to 3.8.2.
Solution: Update to version 3.8.2.
Original Advisory:
- http://wordpress.org...ordpress-3-8-2/
April 8, 2014 - "WordPress 3.8.2 is now available. This is an important security release for all previous versions and we strongly encourage you to update your sites immediately. This releases fixes a weakness that could let an attacker force their way into your site by forging authentication cookies... This release also fixes nine bugs and contains three other security hardening changes..."

- http://wordpress.org/download/

Changelog
- https://core.trac.wo...wser/?rev=28060
___

- http://www.securityt....com/id/1030071
CVE Reference:   
- https://web.nvd.nist...d=CVE-2014-0165 - 4.0
- https://web.nvd.nist...d=CVE-2014-0166 - 6.4 (HIGH)
Apr 11 2014
Impact: Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 3.7.2 and 3.8.2 ...
Solution: The vendor has issued a fix (3.7.2, 3.8.2)...
- http://wordpress.org...ordpress-3-8-2/
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 11 April 2014 - 11:27 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#78 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 16 April 2014 - 01:57 PM

FYI...

WordPress 3.9 released
- https://wordpress.org/download/
Apr 16, 2014 - "The latest stable release of WordPress (Version 3.9) is available..."

- https://wordpress.or.../2014/04/smith/
"... available for download or update in your WordPress dashboard. This release features a number of refinements..."

- https://core.trac.wo...rowser/tags/3.9
 

.


This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#79 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 09 May 2014 - 12:39 PM

FYI...

WordPress 3.9.1 released
- https://wordpress.org/download/
May 8, 2014 - "The latest stable release of WordPress (Version 3.9.1) is available..."

- https://wordpress.or...ordpress-3-9-1/
"... This maintenance release fixes -34- bugs in 3.9, including numerous fixes for multisite networks, customizing widgets while previewing themes, and the updated visual editor. We’ve also made some improvements to the new audio/video playlists feature and made some adjustments to improve performance..."
 

:ph34r: :ph34r:


This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#80 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 07 August 2014 - 03:20 AM

FYI...

WordPress 3.9.2 released
- https://wordpress.org/download/
Aug 6, 2014 - "The latest stable release of WordPress (Version 3.9.2) ..."

- http://wordpress.org...ordpress-3-9-2/
Aug 6, 2014 - "WordPress 3.9.2 is now available as a security release for all previous versions. We strongly encourage you to update your sites immediately..."

Release notes
- http://codex.wordpre...g/Version_3.9.2

- https://core.trac.wo...29383&rev=29411
___

- http://www.securityt....com/id/1030684
Aug 7 2014
Impact: Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 3.9.2 ...

- http://atlas.arbor.n...index#918586250
Elevated Severity
7 Aug 2014
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 08 August 2014 - 01:10 PM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#81 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 04 September 2014 - 01:40 PM

FYI...

WordPress 4.0 released
- https://wordpress.org/download/
Sep 4, 2014 - "The latest stable release of WordPress (Version 4.0) is available..."

Release notes
- http://codex.wordpress.org/Version_4.0

Changelog
- http://codex.wordpre...g/Changelog/4.0
 

:ph34r:


This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#82 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 21 November 2014 - 03:50 AM

FYI...

WordPress 4.0.1 Security Release
- https://wordpress.or...ordpress-4-0-1/
Nov 20, 2014 - "WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately... WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site... This issue does not affect version 4.0, but version 4.0.1 does address these -eight- security issues..."

- http://www.securityt....com/id/1031243
Nov 20 2014
Impact: Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 3.7.5, 3.8.5, 3.9.3, 4.0.1
Description: Several vulnerabilities were reported in WordPress. A remote user can cause denial of service conditions. A remote user can conduct cross-site scripting attacks. A remote user can conduct cross-site request forgery attacks. A remote user can compromise a target user's account...
Solution: The vendor has issued a fix (3.7.5, 3.8.5, 3.9.3, 4.0.1).
The vendor's advisory is available at:
- https://wordpress.or...ordpress-4-0-1/
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 21 November 2014 - 04:05 AM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#83 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 19 December 2014 - 06:39 AM

FYI...

WordPress Download Manager Security Bypass Vulnerability
- https://secunia.com/advisories/62641/
Release Date: 2014-12-18
Criticality: Highly Critical
...  vulnerability is confirmed in version 2.7.4. Prior versions may also be affected.
Solution: Update to version 2.7.5...
- https://wordpress.or...ager/changelog/
2.7.81: WordPress v4.1 compatibility release
Last Updated: 2014-12-18
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 19 December 2014 - 06:42 AM.

This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#84 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,759 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 13 March 2015 - 08:05 AM

FYI...

Blind SQL Injection against WordPress SEO
- https://isc.sans.edu...l?storyid=19457
2015-03-13 - "WordPress has released an advisory for the WordPress plugin SEO by Yoast. Version up to and including 1.7.3.3 can be exploited with a blind SQL injection. According to WordPress, this plugin has more than one million downloads. A description of the SQL injection with proof of concept is described here[3] and the latest update is available here[2]."

1] https://wordpress.or.../wordpress-seo/
2] https://downloads.wo...s-seo.1.7.4.zip
3] https://wpvulndb.com...rabilities/7841
 

:ph34r: :ph34r:


This machine has no brain.
......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users