security Archives - Bugbear Thoughts

WordPress WP GDPR Compliance Privilege Escalation Exploit

Published on November 10, 2018 Author gryzli

Two days ago (on November 08 2018) nasty WP exploit has been identified inside the popular GDPR wordpress plugin , that leads to privilege escalation. The plugin has more than 100 000 active installations. All versions prior 1.4.3 (except 1.4.3) are vulnerable to the exploit. What is the actual vulnerability ? More information about… Continue reading WordPress WP GDPR Compliance Privilege Escalation Exploit →

Nginx – Hardening SSL security by protecting from well-known attack vectors

Published on February 13, 2016 Author gryzli

Recently bunch of SSL attacks pop out, some of which get lot of public attention: Heartbleed Beast attack Crime attack Freak attack Poodle …..and so on …. Disabling SSLv3 and SSLv2 and Excluding Weak Cipher-Suites If you want to protect your Nginx from the biggest part of these attacks, you can add the… Continue reading Nginx – Hardening SSL security by protecting from well-known attack vectors →