I wanted a convenient place to reference the latest WordPress and Drupal Security Advisories, so I added the WP RSS Aggregator and then added both the WordPress Security Advisories and Drupal Security Advisories RSS feeds.
WordPress Security Advisories
- Secure Custom Fields
- WP Engine Reprieve
- WP Engine is banned from WordPress.org
- WordPress 6.5.5
- WordPress 6.5.2 Maintenance and Security Release
- 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
- 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
- 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
- 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
- 4025685 - Guidance related to June 2017 security update release - Version: 1.0
Drupal Security Advisories
- Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008
- Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007
- Drupal core - Less critical - Gadget chain - SA-CORE-2024-006
- Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005
- Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004
- Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2024-003
- Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002
- Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001
- Drupal core - Critical - Cache poisoning - SA-CORE-2023-006
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005
- 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
- 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
- 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
- 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
- 4025685 - Guidance related to June 2017 security update release - Version: 1.0
Microsoft Security Advisories
- Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008
- Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007
- Drupal core - Less critical - Gadget chain - SA-CORE-2024-006
- Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005
- Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004
- Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2024-003
- Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002
- Secure Custom Fields
- WP Engine Reprieve
- WP Engine is banned from WordPress.org
- WordPress 6.5.5
- WordPress 6.5.2 Maintenance and Security Release
- Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001
- Drupal core - Critical - Cache poisoning - SA-CORE-2023-006
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005
Other Links:
Cold Fusion Security Advisories
Java Security Advisories
PHP Security Advisories
MySQL Security Advisories