新聞

八月 14第 New domains

The following new domains are now available

.bond .boo .broker .cfd .contact .dad .dealer .esq .feedback .foo .forex .forum .giving .gl .inc .lat .lotto .markets .mov .nexus .phd .prof .qpon .rsvp .sbs .trading .zip

十二月 19第 CVE-2022-3590 WordPress SSRF vulnerability - Updated 9 Mar 2023

WordPress instances below version 6.1.1 are vulnerable to CVE-2022-3590 when XML-RPC or pingbacks is enabled. WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers could reach internal hosts that would otherwise be ... 閱讀全文 »