Wordpress 4.8.3

WordPress Publishes Critical Security Update XSS, SQL Injection vulnerabilities

WordPress 4.7.1 and earlier forms are influenced by various vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an infected site. WordPress 4.7.2 is currently accessible. This is a security update for every single past...
Privilege Escalation Vulnerability in Lenovo Transition Application

Privilege Escalation Vulnerability in Lenovo Transition Application

Summary Description: A vulnerability was identified in the Lenovo Transition program specific to some Lenovo Yoga, Flex and Miix systems running Windows where a user with local privileges could execute arbitrary code with administrative or system level privileges. Lenovo Transition is...
Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability

Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability

Introduction The Google Forms WordPress Plugin fetches a published Google Form using a WordPress custom post or shortcode, removes the Google wrapper HTML and then renders it as an HTML form embedded in your blog post or page. A PHP Object...

Discovered Critical Bug allowed to Delete any Videos from Facebook

Security researcher Dan Melamed came across the vulnerability in June 2016. The bug is some ways similar to a vulnerability discovered by another researcher around the same time. There's just one major exception. Dan Melamed said ,c  Dan Melamed In...
Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerability

WordPress Plugin Stop User Enumeration does not stop user enumeration

User Enumeration is the capacity to automatically figure out if a given account is valid on a system. By enumerating client accounts, you are at danger of locking out accounts after a predefined number of failed attempts. Stop User Enumeration is a module stops...

Newsletter

Signup to get Hacking News & Tutorials to your Inbox

Most Popular

Recommended