Over a million WordPress sites hit in plugin flaw — here's what we know

A popular WordPress plugin was found carrying two flaws that can cause data leaks.
Bleeping Computer

Sophos fixes SQL injection vulnerability in their Cyberoam OS

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Sophos purchased firewall and router maker Cyberoam Technologies in 2014 and has ...

Avada Flaw Widens Wordpress Security Risk Arabian Post

Avada Flaw Widens Wordpress Security Risk Arabian Post. clearfix>Two vulnerabilities in the Avada Builder plugin have exposed around one million WordPress websites to attacks that could reveal ...

Ivanti EPM: Security flaws allow SQL injection, privilege escalation

Ivanti warns of three security vulnerabilities in Endpoint Manager (EPM). They allow SQL injection or privilege escalation.
Infosecurity Magazine

Avada Builder Flaws Expose One Million WordPress Sites

Two newly disclosed vulnerabilities in the Avada Builder WordPress plugin have placed around one million sites at risk of ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...
Bleeping Computer

Django fixes SQL Injection vulnerability in new releases

The Django project, an open source Python-based web framework has patched a high severity vulnerability in its latest releases. Tracked as CVE-2022-34265, the potential SQL Injection vulnerability ...