The Drupal Security Team has released upgrades to Drupal 6/7 to fix various security vulnerabilities. There is one critical issue and three less critical issues. Full details can be found on the Drupal web site.
DetailsAn Object Injection Vulnerability has been discovered in the WooCommerce WordPress plugin by Sucuri. Web sites are only vulnerable if you use WordPress, WooCommerce and you have the “PayPal Identify Token” option set.
DetailsOverall uptime for the month of May 2015 was 99.990%. 20 of 26 servers had 100% uptime.
DetailsWordPress version 4.2.2 has been released and addresses two critical security issues. The release also contains 13 bug fixes. We urge all customers to update as soon as possible.
DetailsOverall uptime for the month of April 2015 was 99.895%. 14 of 26 servers had 100% uptime.
DetailsEarlier today we posted about a critical XSS vulnerability in WordPress. WordPress 4.2.1 has been released to address these issues. We urge all customers to update as soon as possible.
DetailsA critical crosss site script (xss) bug has been found in WordPress. As of this posting there is no know patch. This post at Securi gives you the details. The ‘short’ version is that it affects comments. We’d suggest disabling comments in WordPress until a patch is issued.
DetailsA serious RCE (remote code execution) vulnerability has been discovered in Magento. The vulnerability exists in 1.9.1.0 CE and 1.14.1.0 EE (the latest version as of this writing). Full details of the vulnerability can be found on the Check Point web site. We urge all customers running Magento to apply patch SUPEE-5344.
DetailsWordPress version 4.1.2 is now available and we strongly suggest that all customers upgrade. This is a critical security release for all previous versions of WordPress. Full version can be found at the WordPress 4.1.2 blog post.
DetailsA security advisory for WP Super Cache has been issued ( http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html ). The issue has been address by the developer and a new version has been released. This is a very popular cache plugin, so update as soon as possible if you use the plugin.
Details