Critical XSS 0-Day Vulnerability Disclosed in WordPress 4.2

A critical, unpatched 0-day vulnerability affecting WordPress comment mechanisms. This vulnerability is now disclosed publicly. Who is affected? If your WordPress site allows users to post comments via the WordPress commenting system, you’re at risk. An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts […]

Automatic upgrade to WordPress 4.1.3

WordPress has released WordPress 4.2 yesterday but some of your WordPress installation should be upgraded to WordPress 4.1.3 today. This was a maintenance release for the recent security update WordPress 4.1.2. WordPress 4.1.3 has fixed the following database related issue: Fix database writes for esoteric character sets, broken in the WordPress 4.1.2 security release. Neither […]

WordPress 4.1.2 Security Release

WordPress team has released a critical security update for all previous versions and it is strongly encourage that you update your WordPress version to WordPress 4.1.2. WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. They have also fixed three other security […]

Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553)

Last week, Microsoft had released an important security update. This security update resolves a vulnerability in Microsoft Windows. HTTP.sys Vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. This security update is rated Critical for all supported editions of Windows 7, Windows 8, Windows 8.1, […]

WP Super Cache XSS Vulnerability

WP Super Cache WordPress plugin is one of the widely used plugins. This plugin is used to cache the posts and thus it improves the performance and reduce the loading time. Recently Sucuri vulnerability research team found a critical security vulnerability in WP Super Cache WordPress plugin. The vulnerability has been patched and if you […]

OpenSSL Security Updates – March 19, 2015

An update for OpenSSL was just released to address various security vulnerabilities (low to moderate risk) and it is recommended that you update as soon as possible. In January 2015, OpenSSL had released a security update.After January 2015, they released another security update for all supported OpenSSL versions. For more detail on OpenSSL security advisory, […]

Xen Security Advisories

Xen is an open source Hypervisor using a microkernel design. This allows to create muiltiple guest virtual machine. Few days ago, there were two security updates released by Xen. For more details, refer Xen Security Advisories. As we mentioned in our previous post, Xen has released few more security updates as follow: Official Links: http://xenbits.xen.org/xsa/advisory-120.html […]

Xen Security Advisories

Xen is an open source Hypervisor using a microkernel design. This allows to create muiltiple guest virtual machine. Xen just released two patches to address various security vulnerabilities and it is highly recommended that you update as soon as possible. They may release more security updates in near future so keep an eye on the […]

cPanel & WHM 11.42 Now EOL

cPanel & WHM software version 11.42 has now reached End of Life. As always, cPanel announced EOL for cPanel 11.42 before three months ago. For more details, refer cPanel 11.42 to EOL in 3 Months. cPanel 11.42 will continue functioning on the servers. The last release of cPanel & WHM 11.42, 11.42.1.31, will remain on […]