I wanted a convenient place to reference the latest WordPress and Drupal Security Advisories, so I added the WP RSS Aggregator and then added both the WordPress Security Advisories and Drupal Security Advisories RSS feeds.
WordPress Security Advisories
- WordPress 6.0.3 Security Release
- Dropping security updates for WordPress versions 3.7 through 4.0
- WordPress 6.0.2 Security and Maintenance Release
- WordPress 5.9.2 Security and Maintenance Release
- WordPress 5.8.3 Security Release
- 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
- 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
- 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
- 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
- 4025685 - Guidance related to June 2017 security update release - Version: 1.0
Drupal Security Advisories
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-001
- Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016
- Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2022-015
- Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
- Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012
- Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-011
- Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-010
- Drupal core - Moderately critical - Access bypass - SA-CORE-2022-009
- Drupal core - Moderately critical - Improper input validation - SA-CORE-2022-008
- 4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 3.0
- 4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0
- 4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0
- 4033453 - Vulnerability in Azure AD Connect Could Allow Elevation of Privilege - Version: 1.0
- 4025685 - Guidance related to June 2017 security update release - Version: 1.0
Microsoft Security Advisories
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-001
- WordPress 6.0.3 Security Release
- Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016
- Dropping security updates for WordPress versions 3.7 through 4.0
- WordPress 6.0.2 Security and Maintenance Release
- Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2022-015
- Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
- Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012
- Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-011
- Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-010
- Drupal core - Moderately critical - Access bypass - SA-CORE-2022-009
- Drupal core - Moderately critical - Improper input validation - SA-CORE-2022-008
- WordPress 5.9.2 Security and Maintenance Release
- WordPress 5.8.3 Security Release
Other Links:
Cold Fusion Security Advisories
Java Security Advisories
PHP Security Advisories
MySQL Security Advisories