A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.
WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
A vulnerability has been patched in a popular WordPress theme called Neosense that allows an attacker to upload code without authentication.
Developers with the open source content management framework Drupal patched a series of highly critical remote code execution bugs in three separate modules today. If exploited, the bugs could let an attacker take over any site running the modules.
A nasty remote code execution vulnerability was recently patched in Magento, eBay’s eCommerce platform