Episode 81: Critical Vulnerability Exposes over 700,000 Sites Using Divi, Extra, and Divi Builder

9:08
 
Share
 

Archived series ("Inactive feed" status)

When? This feed was archived on October 25, 2021 06:08 (7M ago). Last successful fetch was on September 16, 2021 15:41 (8M ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 269114382 series 2491387
By Mark Maunder. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

Our Threat Intelligence team disclosed numerous vulnerabilities this week, including a critical vulnerability in the Divi and Extra themes as well as the Divi Builder plugin. In total, this vulnerability affected over 700,000 sites. A vulnerability found in The Official Facebook Chat Plugin created a vector for social engineering attacks as it allowed an attacker to pose as a site owner via chat. Object injection vulnerabilities discovered in the Newsletter plugin affected over 300,000 sites. We also look at the charges brought against 3 people in connection with the recent Twitter hack. The WordCamp US organizing team made the difficult decision to cancel WCUS this year amid online event fatigue.

125 episodes