A WordPress plugin WPBakery Authenticated Stored Cross-Site Scripting (XSS) vulnerability has exposed over 4M sites.
Drupal has released security updates that fix a Critical XSS bug and 4 other vulnerabilities in multiple versions of Drupal. A remote attacker could exploit these vulnerabilities to compromise an affected system.
Palo Alto Networks has fixed a Critical buffer overflow vulnerability that could allow an attacker to execute remote code as root on PAN-OS devices, along with multiple other High severity issues.
Adobe has released security updates to address vulnerabilities in Magento Commerce 1 and Magento Open Source 1. The company also warned that older Magento 1.x versions will be end of life (EOL) and no longer get software support after this patch update.
WordPress has released WordPress 5.4.2 security and maintenance update that includes fixes for multiple security issues and bugs. All WordPress versions 5.4.1 and earlier are affected.
Drupal has released security updates to address cross-site scripting (XSS) and Open Redirect vulnerabilities affecting Drupal 7, 8.7, and 8.8.
WordPress has released version 5.3.1 security update that fixes multiple bugs. All WordPress versions 5.3 and earlier are affected.
WordPress 5.2.3 Security and Maintenance Release is now out. The update includes 29 feature enhancements and fixes, as well as security fixes.