cPanel, Inc. » News

---

IMPORTANT: cPanel Security Notice 2013-09-25: WordPress 3.6.1 Posted: 25 Sep 2013 01:23 PM PDT SUMMARY Three CVEs were reported for WordPress 3.6 and WordPress has released an upgraded version to address theses vulnerabilities. cPanel has updated the WordPress version delivered via the cPAddons functionality in WHM to the new version of 3.6.1. AFFECTED VERSIONS All versions of WordPress 3.6.0 and below. SECURITY RATING US-CERT/NIST has given the following severities for the WordPress vulnerabilities: CVE-2013-4338 CVSS v2 Base Score: 7.5 (HIGH) CVE-2013-4339 CVSS v2 Base Score: 7.5 (HIGH) CVE-2013-4339 CVSS v2 Base Score: 3.5 (LOW) SOLUTION cPanel, Inc. has updated the version of WordPress in the cPAddons system to 3.6.1. The cPanel Security Team highly recommends that all installations of WordPress be update on your servers. The WHM Admins can upgrade the installations of WordPress on their servers using the Manage cPAddons Site Software functionality in WHM. cPanel account users may also update from the WordPress link in the Site Software section of their cPanel account interface. REFERENCES http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4338 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4338 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4339 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4340 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340 http://wordpress.org/news/2013/09/wordpress-3-6-1/ For the PGP signed message go here

You are subscribed to email updates from cPanel, Inc. » News To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610