I wanted a convenient place to reference the latest WordPress and Drupal Security Advisories, so I added the WP RSS Aggregator and then added both the WordPress Security Advisories and Drupal Security Advisories RSS feeds.
WordPress Security Advisories
- WordPress 6.5.2 Maintenance and Security Release
- WordPress 6.4.3 – Maintenance and Security release
- WordPress 6.4.2 Maintenance & Security Release
- Alert: WordPress Security Team Impersonation Scams
- WordPress 6.3.2 – Maintenance and Security release
- 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
- 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
- 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
- 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
- 4025685 - Guidance related to June 2017 security update release - Version: 1.0
Drupal Security Advisories
- Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001
- Drupal core - Critical - Cache poisoning - SA-CORE-2023-006
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-003
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-001
- Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016
- Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2022-015
- Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
- 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
- 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
- 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
- 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
- 4025685 - Guidance related to June 2017 security update release - Version: 1.0
Microsoft Security Advisories
- WordPress 6.5.2 Maintenance and Security Release
- WordPress 6.4.3 – Maintenance and Security release
- Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001
- WordPress 6.4.2 Maintenance & Security Release
- Alert: WordPress Security Team Impersonation Scams
- WordPress 6.3.2 – Maintenance and Security release
- Drupal core - Critical - Cache poisoning - SA-CORE-2023-006
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-003
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-001
- Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016
- Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2022-015
- Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
Other Links:
Cold Fusion Security Advisories
Java Security Advisories
PHP Security Advisories
MySQL Security Advisories