Wordpress Related News

Join the discussions about using Wordpress as a blogging platform and content management system for your website or blog.
User avatar
LMD
Contributing Member
Posts: 848
Joined: Sat Jan 04, 2020 4:40 pm
Reputation: 455
Location: North of the 49th parallel.
Has thanked: 33 times
Been thanked: 35 times
Contact:

Re: Wordpress Related News

Post by LMD »

I'm getting upgrade notifications on all the sites, so I'm a little nervous.


Advertisement
Accrete
Administrator
Posts: 1536
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 912
Location: Canada
Has thanked: 22 times
Been thanked: 113 times
Contact:

Re: Wordpress Related News

Post by Accrete »

Those using Contact Form 7 need to read this and update:
...A vulnerability has been discovered in Contact Form 7 that allows an attacker to upload malicious scripts. The publishers of Contact Form 7 have released an update to fix the vulnerability....
Contact Form 7 Vulnerability in +5 Million Sites


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
User avatar
LMD
Contributing Member
Posts: 848
Joined: Sat Jan 04, 2020 4:40 pm
Reputation: 455
Location: North of the 49th parallel.
Has thanked: 33 times
Been thanked: 35 times
Contact:

Re: Wordpress Related News

Post by LMD »

Accrete wrote: Fri Dec 18, 2020 3:22 pm Those using Contact Form 7 need to read this and update:
Yep - I received an email from the Wordfence people on this. Nasty!

The plugin "auto update" function in WordPress took care of this by updating the plugin as soon as the new version was released by the authors.


Accrete
Administrator
Posts: 1536
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 912
Location: Canada
Has thanked: 22 times
Been thanked: 113 times
Contact:

Bug Found in ‘Orbit Fox’ Allows Site Takeover

Post by Accrete »

If you are using Orbit Fox Wordpress plugin you should read this:

Two security vulnerabilities — one a privilege-escalation problem and the other a stored XSS bug — afflict a WordPress plugin with 40,000 installs.

Two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox could allow attackers to inject malicious code into vulnerable websites and/or take control of a website....
Continued: Critical WordPress-Plugin Bug Found in ‘Orbit Fox’ Allows Site Takeover
January 13, 2021


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
Post Reply

Return to “WordPress”

Who is online

Users browsing this forum: No members and 11 guests