Sign up to save your podcasts
Or
Share Episode 116: Packagist Patch Shows how Supply Chain Threats Could Impact WordPress
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 116: Packagist Patch Shows how Supply Chain Threats Could Impact WordPress
A vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to cause Composer to download the wrong source code, potentially affecting all WordPress sites. Packagist reports that it's not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over 100k sites. Vulnerabilities were discovered in Exim mail server, including 3 RCE vulnerabilities.
View all episodes
By WordfenceA vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to cause Composer to download the wrong source code, potentially affecting all WordPress sites. Packagist reports that it's not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over 100k sites. Vulnerabilities were discovered in Exim mail server, including 3 RCE vulnerabilities.