Cybersecurity security researchers at Alert Logic have announced warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions.
Drupal Security Team has announced a moderately critical security advisory for both Drupal 7 & 8 cores today on May 8, 2019 with the following details:
Project: Drupal core
Date: 2019-May-08
Security risk: Moderately critical 14∕25
Vulnerability: Third-party librariesjQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extend(true, {}, ...). If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. This fix is included in jQuery 3.4.0, but patch diffs exist to patch previous jQuery versions.
WordPress has released the security and maintenance version 5.1.1 today introducing 10 fixes and enhancements, including changes designed to help hosts prepare users for the minimum PHP version bump coming in 5.2.
The Drupal security team has announced the discovery of a highly critical remote code execution vulnerability and the release of the latest version of Drupal 8 to patch the critical vulnerability which could allow remote attackers to hack Drupal sites.
Version 5.1 of WordPress, named “Betty” in honor of acclaimed jazz vocalist Betty Carter, is available for download or update in your WordPress dashboard.
As a Drupal-oriented company we - AltaGrade team - are happy to be celebrating Drupal's eighteenth birthday and sharing the joy of the founder, Dries Buytaert:
Eighteen years ago today, I released Drupal 1.0.0. What started from humble beginnings has grown into one of the largest Open Source communities in the world. Today, Drupal exists because of its people and the collective effort of thousands of community members. Thank you to everyone who has been and continues to contribute to Drupal.
WordPress 5.0.1 is now available. This is a security release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.
Plugin authors are encouraged to read the 5.0.1 developer notes for information on backwards-compatibility.
I am delighted to announce today that a hosting provider previously known as Drupion changes its jurisdiction from San Jose, California to Seattle, Washington and re-launches as AltaGrade LLC, a web-hosting company for everybody created by nerds who know the best of and love to support Drupal, Backdrop, WordPress, Joomla and thousands of other most popular web applications running on Linux.