Social Warfare announced via Twitter on March 21, 2019, a new version 3.5.3 was released due to a cross-site scripting (XSS) WordPress vulnerability that was discovered yesterday. The social sharing plugin allows users to share social media links in the form of buttons on their website and comments, making it easier for their readers’ to quickly access the websites’ social media pages.
Author: Monique Becenti
This week a severe WordPress vulnerability was patched by the authors of Easy WP SMTP WordPress Plugin. Easy WP SMTP allows users to send outgoing emails through the SMTP server in an attempt to keep their emails from going directly to spam or junk mail. This vulnerability allows cybercriminals to gain unauthenticated access to sites using this plugin. With over 300,000 active installations, thousands of users are affected by this zero-day vulnerability in version 1.3.9.
The latest version of the Joomla! 3.x series was released on March 12, 2019. Version 3.9.4 addresses four security flaws and 28 bug fixes, which includes a high-priority access level vulnerability. Three of the four security flaws are cross-site scripting (XSS) vulnerabilities, which have been identified and resolved in this latest security release. Joomla! users are urged to install 3.9.4 as soon as possible to circumvent any possible security exploits related to this latest security flaw.
On March 12, 2019, a maintenance release was announced by WordPress for version 5.1.1. With this new version, there are 10 fixes and enhancements, which include security updates that address how comments are filtered and stored within the database. Prior to this update, if WordPress comments were maliciously crafted, an unauthenticated attacker could gain access to the user’s site, resulting a cross-site scripting vulnerability.
Take a minute and think about how many times public Wi-Fi has been a source of major convenience for you. Now, think about how many times you have checked your bank account or logged into your social media on a public Wi-Fi connection. Did you know browsing personal account information on a public network is potentially unsafe and can put both your data and privacy at risk?
