Switch to the dark mode that's kinder on your eyes at night time.

Switch to the light mode that's kinder on your eyes at day time.

Switch to the dark mode that's kinder on your eyes at night time.

Switch to the light mode that's kinder on your eyes at day time.

WordPress 5.9.2 Security Update Fixes XSS and Prototype Pollution Vulnerabilities (www.wordfence.com)

by WPNEWS team March 13, 2022, 18:54 Comments

Last night, just after 6pm Pacific time, on Thursday March 10, 2022, the WordPress core team released WordPress version 5.9.2, which contains security patches for a high-severity vulnerability as well as two medium-severity issues. The high-severity issue affects version 5.9.0 and 5.9.1 and allows contributor-level users and above to insert malicious JavaScript into WordPress posts. …Read More

More From: Security

ACF Plugin’s Reflected XSS Vulnerability Attracts Exploit Attempts Within 24 Hours of Public Announcement (wptavern.com)
On May 5, Patchstack published a security advisory about a high severity reflected cross-site scripting (XSS) vulnerability in ACF (Advanced Custom Fields), potentially affecting more than 4.5 mill…
WordPress Server-Side Request Forgery (SSRF) Vulnerability (secure.wphackedhelp.com)
WordPress SSRF Attack In 2021, Microsoft released a security advisory warning of a critical SSRF vulnerability in their Exchange Server software, which was being actively exploited in the wild by[…]
Advanced Custom Fields Plugins Contain Vulnerability, 2+ Million Sites Affected (patchstack.com)
If you’re a Advanced Custom Fields free and pro user, please update the plugin to at least version 6.1.6.Patchstack Pro and Business users are protected from the vulnerability.
Massive Abuse of Abandoned Eval PHP WordPress Plugin (blog.sucuri.net)
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of backdoors: PHP scripts designed to[…]
WP Engine’s Security Team Creates Custom Workflow with WPScan to Protect Clients (blog.wpscan.com)
How WP Engine automates security for over 1.5 million customer sites with WPScan. The Hero: WP Engine The Problem “We know that there are other options out there, but given[…]
Astro + WPGraphQL for more secure WordPress sites
WordPress powers over 43% of the web, and that makes it a prime target for hackers and bots. But […]

WordPress 5.9.2 Security Update Fixes XSS and Prototype Pollution Vulnerabilities (www.wordfence.com)

Leave a Reply Cancel reply

WP-Tonic This Week in WordPress & Tech:With Special Guest Mario Peshev Founder of Devr iX (www.wp-tonic.com)

How to Add Product Videos to Your WooCommerce Galleries (www.wpbeginner.com)

ACF Plugin’s Reflected XSS Vulnerability Attracts Exploit Attempts Within 24 Hours of Public Announcement (wptavern.com)

WordPress Server-Side Request Forgery (SSRF) Vulnerability (secure.wphackedhelp.com)

Advanced Custom Fields Plugins Contain Vulnerability, 2+ Million Sites Affected (patchstack.com)

Massive Abuse of Abandoned Eval PHP WordPress Plugin (blog.sucuri.net)

WP Engine’s Security Team Creates Custom Workflow with WPScan to Protect Clients (blog.wpscan.com)

Astro + WPGraphQL for more secure WordPress sites

FluentCRM 2.5.7: Powerful Bulk Actions and More Email Shortcodes (fluentcrm.com)

New Settings & MemberPress Courses Integration (automatorplugin.com)

Leave a Reply Cancel reply

Log In

Sign In

Forgot password?

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections