wp-includeswp-includes is a website for every WordPress fan – Tutorials, news and database all related to WordPress!

Tag: Vulnerability Disclosure

HomeAll PostsTag: Vulnerability Disclosure

wp-includeswp-includes is a website for every WordPress fan – Tutorials, news and database all related to WordPress!

Zero-Day RCE in vBulletin v5.0.0-v5.5.4

By wp-includes.com Sucuri September 25, 2019

A new remote code execution (RCE) zero-day vulnerability has been disclosed by an anonymous researcher on the Full Disclosure mailing list this past Monday. This vulnerability is extremely severe. It allows any website visitors to run PHP code and shell commands…

Dissecting the WordPress 5.2.3 Update

By wp-includes.com Sucuri September 13, 2019

Last week, WordPress released version 5.2.3 which was a security and maintenance update, and as such, contained many security fixes. Part of our day to day work is to analyse these security releases, discover what security issue it is fixing…

Icegram Persistent Cross-Site Scripting

By wp-includes.com Sucuri July 9, 2019

Icegram is a plugin that helps you collect email addresses for your newsletter. Other features include light-box popup offers, header action bars, toast notifications, and slide-in messengers. Versions 1.10.28.2 and lower are affected by a persistent Cross-Site Scripting in the…