Ten disclosures since last week, with four issues unfixed, the most serious being an Authenticated Arbitrary File Upload vulnerability in Advanced Contact form 7 DB.
View this week’s vulnerable plugins list.
Other Security News
Specifics of the Remote Code Execution vulnerability in Moodle were disclosed earlier this week. The disclosure includes Proof-of-Concept code so if you haven’t updated your Moodle instance already, you need to do so as soon as possible.
In case you haven’t heard yet, today is the last day to register for the HighEdWeb 2018 conference. If you are unfamiliar, HighEdWeb is the conference for higher education professionals working in the digital space, put on by higher educations professionals working in the digital space. It’s like WPCampus, but more general. In fact, many of the people who organize, speak at, and attend WPCampus will be at HighEdWeb. It’s the only other conference besides WPCampus that I consider a “can’t miss.” I sincerely hope you’ll register (today! Today is the last day!) and see you in Sacramento next month!