WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for […]
WordPress 4.9.2 Security and Maintenance Release Read More »
cPanel TSR-2018-0001, originally scheduled for Monday January 15 2018, has been delayed one week and is now scheduled for release on Monday January 22 2018. The full disclosure for this TSR is now scheduled for Tuesday January 23 2018.
cPanel TSR-2018-0001 Publication Delay Read More »
WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team’s […]
WordPress 4.9.1 Security and Maintenance Release Read More »
cPanel TSR-2017-0006 Full Disclosure SEC-236 Summary Add ‘ssl’ to the list of reserved usernames. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 2.4 CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N Description When cre…
cPanel TSR-2017-0006 Full Disclosure Read More »
cPanel TSR-2017-0006 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers v…
cPanel TSR-2017-0006 Announcement Read More »
WordPress 4.8.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.2 and earlier are affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to […]
WordPress 4.8.3 Security Release Read More »
cPanel & WHM versions 56 & 60 have reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.com/longtermsupport), 56 & 60 will continue …
cPanel & WHM Versions 56 & 60 Now EOL Read More »
SUMMARY cPanel, Inc. has released updated RPMs for EasyApache 4 on October 16, 2017, with a patch for Passenger. We strongly encourage all Passenger users to update their system to obtain the patch. AFFECTED VERSIONS All versions of Passenger DESCRIPTI…
EasyApache 2017-10-16 Security Release Read More »
WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this […]
WordPress 4.8.2 Security and Maintenance Release Read More »
cPanel TSR-2017-0005 Full Disclosure SEC-276 Summary SQL injection in eximstats processing. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 5.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Description When processing eximstats updates in buffered mode, errors in the SQL operations cause the updates to be reprocessed one statement at a time. The logic …
cPanel TSR-2017-0005 Full Disclosure Read More »
