Wordpress Security Alert

WPMEMO security-news at globalresolution.net
Sun Jan 24 06:30:06 GMT 2021


Wordpress Security Alert - Orbit Fox Plugin

Two vulnerabilities, one critical and one of medium severity, have
been discovered

The Orbit Fox plugin contains security bugs that enable attackers to
take control of a website or inject malicious code

According to the researchers, the vulnerability is contained within
the Orbit Fox registration widget and allows lower-level users to gain
administrator privileges

The flaw can be exploited because the plugin only provides client-side
protection to prevent the role selector from being shown to low-level
users

The second vulnerability found within Orbit Fox affects the plugin’s
header and footer script feature and allows threat actors to add
malicious JavaScript to posts. This code then executes when a user
visits the related webpage

These flaws have been fully patched in version 2.10.3. We recommend
that users immediately update to the latest version available, which
is version 2.10.3

Patch it if you use it!

-------------------------------------------------------------------

Web Hosting Problems?

GlobalResolution provides high performance, bespoke Hosting Solutions
with emphasis on Security, uptime and expert support around the clock
 
Change can be difficult which is why we offer a 30 day free trial so
you can dip your toe in the water before jumping in
 
We are more than happy to duplicate your site over for you without any
downtime 

Click HERE for more information
[https://mau.globalresolution.net/r/b427992b017efbf5c8c4a26a6?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDU7fXM6NToiZW1haWwiO2k6NDU7czo0OiJzdGF0IjtzOjIyOiI2MDBiMjMwMjZmMmY2MjgyNzQxMTY1IjtzOjQ6ImxlYWQiO3M6NjoiNzAyMDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NTt9fQ%3D%3D&]

-------------------------------------------------------------------

Know someone who uses Wordpress?

Maybe our regular updates will come in handy and be of benefit, give
them a heads up!
https://mau.globalresolution.net/r/ed4fa1600b83d60361fa2fdb8?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDU7fXM6NToiZW1haWwiO2k6NDU7czo0OiJzdGF0IjtzOjIyOiI2MDBiMjMwMjZmMmY2MjgyNzQxMTY1IjtzOjQ6ImxlYWQiO3M6NjoiNzAyMDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NTt9fQ%3D%3D&
[https://mau.globalresolution.net/r/ed4fa1600b83d60361fa2fdb8?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6NDU7fXM6NToiZW1haWwiO2k6NDU7czo0OiJzdGF0IjtzOjIyOiI2MDBiMjMwMjZmMmY2MjgyNzQxMTY1IjtzOjQ6ImxlYWQiO3M6NjoiNzAyMDM4IjtzOjc6ImNoYW5uZWwiO2E6MTp7czo1OiJlbWFpbCI7aTo0NTt9fQ%3D%3D&]

Need to adjust your subscription?

We hope you continue wanting to receive our much loved WPMEMO,
if however you feel we are getting on your nerves you can easily
unsubscribe to no longer receive emails from us

Unsubscribe to no longer receive emails from us.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20210124/f7c95d78/attachment.html>


More information about the pkg-gnome-maintainers mailing list