Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.

Developers at WordPress are encouraging users to upgrade to the latest version, 4.4.2, in order to resolve a handful of bugs and vulnerabilities in the content management system. The update pushed out on Tuesday addresses two main issues. Until yesterday an attacker could have potentially carried out a server-side request forgery (SSRF) attack that could...