🕴 New Emergency Communications Plan Released by CISA 🕴
📖 Read
via "Dark Reading: ".
The Cybersecurity and Infrastructure Security Agency's latest version of the National Emergency Communications Plan comes after a two-year process to improve the cybersecurity and flexibility of the nation's emergency communications.📖 Read
via "Dark Reading: ".
Dark Reading
New Emergency Communications Plan Released by CISA
The Cybersecurity and Infrastructure Security Agency's latest version of the National Emergency Communications Plan comes after a two-year process to improve the cybersecurity and flexibility of the nation's emergency communications.
❌ Magecart Group Targets Routers Behind Public Wi-Fi Networks ❌
📖 Read
via "Threatpost".
Magecart Group 5 has been spotted testing and preparing code to be injected onto commercial routers - potentially opening up guests connecting to Wi-Fi networks to payment data theft.📖 Read
via "Threatpost".
Threat Post
Magecart Group Targets Routers Behind Public Wi-Fi Networks
Magecart Group 5 has been spotted testing and preparing code to be injected onto commercial routers - potentially opening up guests connecting to Wi-Fi networks to payment data theft.
🔐 Amazon's Echo, Alexa parade: What it all means 🔐
📖 Read
via "Security on TechRepublic".
Here are Larry Dignan's key takeaways from Amazon's 2019 hardware event and what it means for smart home integration, privacy, and digital assistants.📖 Read
via "Security on TechRepublic".
TechRepublic
Amazon's Echo, Alexa parade: What it all means
Here are Larry Dignan's key takeaways from Amazon's 2019 hardware event and what it means for smart home integration, privacy, and digital assistants.
ATENTION‼ New - CVE-2015-9431
📖 Read
via "National Vulnerability Database".
The qtranslate-x plugin before 3.4.4 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=qtranslate-x json_config_files or json_custom_i18n_config parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9430
📖 Read
via "National Vulnerability Database".
The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9429
📖 Read
via "National Vulnerability Database".
The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-admin/themes.php?page=yith-maintenance-mode panel_page parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9428
📖 Read
via "National Vulnerability Database".
The wplegalpages plugin before 1.1 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=legal-pages lp-domain-name, lp-business-name, lp-phone, lp-street, lp-city-state, lp-country, lp-email, lp-address, or lp-niche parameters.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9427
📖 Read
via "National Vulnerability Database".
The googmonify plugin through 0.5.1 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=googmonify.php PID or AID parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9426
📖 Read
via "National Vulnerability Database".
The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=mic_editor_window postId parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9425
📖 Read
via "National Vulnerability Database".
The social-locker plugin before 4.2.5 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=opanda-item&page=license-manager-sociallocker-next licensekey parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9424
📖 Read
via "National Vulnerability Database".
The multicons plugin before 3.0 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=multicons%2Fmulticons.php global_url or admin_url parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9423
📖 Read
via "National Vulnerability Database".
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load PlugneditBGColor, PlugneditEditorMargin, plugnedit_width, pnemedcount, or plugneditcontent parameters.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9422
📖 Read
via "National Vulnerability Database".
The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9421
📖 Read
via "National Vulnerability Database".
The olevmedia-shortcodes plugin before 1.1.9 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=omsc_popup id parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9420
📖 Read
via "National Vulnerability Database".
The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?action=get_soundcloud_player id parameter.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9419
📖 Read
via "National Vulnerability Database".
The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9418
📖 Read
via "National Vulnerability Database".
The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9417
📖 Read
via "National Vulnerability Database".
The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9416
📖 Read
via "National Vulnerability Database".
The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Language HTTP header.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9415
📖 Read
via "National Vulnerability Database".
The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2015-9414
📖 Read
via "National Vulnerability Database".
The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter.📖 Read
via "National Vulnerability Database".