A serious security fault in a WordPress plugin lets threat actors to remotely implement PHP code. Stemming from the use of check_admin_referer() for authorization, the susceptibility is found in the Ad Inserter plugin, a plugin that is presently installed in more than 200,000 sites. According to Bleeping Computer, Ad Inserter Continue Reading
Tech giants SAP, Intel, Cisco, Citrix, and Juniper have patched vulnerabilities in their respective products. This week, as part of the Patch Day, SAP issued 11 Security Notes, one of which was a Hot News Note addressing a Critical vulnerability in Diagnostics Agent. The bug, tracked as CVE-2019-0330 and featuring a CVSS Continue Reading
Microsoft issued Patch Tuesday updates for July 2019 that address as many as 77 flaws, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity. Patch Tuesday updates for July 2019 rectified security delivered in several products of the tech colossus, including Windows operating systems, Internet Explorer, Edge, Office, Azure Continue Reading
Of late, Magento addressed susceptibilities that could be misused by unverified attackers to capture administrative sessions and then totally take over flawed web stores. For an effective attack, a threat actor would first have to use a Stored Cross-Site Scripting (XSS) fault to inject a JavaScript payload into the administrator Continue Reading
Google in the Android Open Source Project (AOSP) fixed three critical remote code execution (RCE) in the Media framework and another one in the Android system. In all, Google repaired 33 security susceptibilities in the Android system, framework, library, media framework, Qualcomm components, and Qualcomm closed-source components, all of them addressed Continue Reading
By