Wordpress Security Alert
WPMEMO
security-news at globalresolution.net
Sun Jan 24 06:30:06 GMT 2021
Wordpress Security Alert - Orbit Fox Plugin
Two vulnerabilities, one critical and one of medium severity, have
been discovered
The Orbit Fox plugin contains security bugs that enable attackers to
take control of a website or inject malicious code
According to the researchers, the vulnerability is contained within
the Orbit Fox registration widget and allows lower-level users to gain
administrator privileges
The flaw can be exploited because the plugin only provides client-side
protection to prevent the role selector from being shown to low-level
users
The second vulnerability found within Orbit Fox affects the plugin’s
header and footer script feature and allows threat actors to add
malicious JavaScript to posts. This code then executes when a user
visits the related webpage
These flaws have been fully patched in version 2.10.3. We recommend
that users immediately update to the latest version available, which
is version 2.10.3
Patch it if you use it!
-------------------------------------------------------------------
Web Hosting Problems?
GlobalResolution provides high performance, bespoke Hosting Solutions
with emphasis on Security, uptime and expert support around the clock
Change can be difficult which is why we offer a 30 day free trial so
you can dip your toe in the water before jumping in
We are more than happy to duplicate your site over for you without any
downtime
Click HERE for more information
[https://mau.globalresolution.net/r/b427992b017efbf5c8c4a26a6?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDU7fXM6NToiZW1haWwiO2k6NDU7czo0OiJzdGF0IjtzOjIyOiI2MDBiMjMwMjZmMmY2MjgyNzQxMTY1IjtzOjQ6ImxlYWQiO3M6NjoiNzAyMDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NTt9fQ%3D%3D&]
-------------------------------------------------------------------
Know someone who uses Wordpress?
Maybe our regular updates will come in handy and be of benefit, give
them a heads up!
https://mau.globalresolution.net/r/ed4fa1600b83d60361fa2fdb8?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDU7fXM6NToiZW1haWwiO2k6NDU7czo0OiJzdGF0IjtzOjIyOiI2MDBiMjMwMjZmMmY2MjgyNzQxMTY1IjtzOjQ6ImxlYWQiO3M6NjoiNzAyMDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NTt9fQ%3D%3D&
[https://mau.globalresolution.net/r/ed4fa1600b83d60361fa2fdb8?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDU7fXM6NToiZW1haWwiO2k6NDU7czo0OiJzdGF0IjtzOjIyOiI2MDBiMjMwMjZmMmY2MjgyNzQxMTY1IjtzOjQ6ImxlYWQiO3M6NjoiNzAyMDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NTt9fQ%3D%3D&]
Need to adjust your subscription?
We hope you continue wanting to receive our much loved WPMEMO,
if however you feel we are getting on your nerves you can easily
unsubscribe to no longer receive emails from us
Unsubscribe to no longer receive emails from us.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20210124/f7c95d78/attachment.html>
More information about the pkg-gnome-maintainers
mailing list