News | WordPress and Joomla

Joomla and WordPress are two of the most widely used and influential CMS systems. In fact I’m writing this news update on Joomla and WordPress on WordPress.com right now. So what are these two CMS systems up too.

According to Joomla’s official news outlet on there website Joomla has been going through a bunch of recent updates. Joomla has just released a new update updating the CMS to 3.64(1). In this release of Joomla the development team has addressed three critical security issues as well fixing a bug with two factor authentication.

The first security issue they addressed has to do with an exploit users were exploiting when only a few checks were being used on account creation allowing users to create accounts

joomla

Joomla.com

when account creation has been disabled by the site administrators.(2) The second main security issue being addressed in the most current release has to do with users taking advantage an exploit which allows users to register an account with elevated privileges, allowing users to alter facets of a sites structure.(3) The final exploit addressed has to do with an error which allowed users to edit aspects of there accounts by exploiting mismanaged account data(4). If you are currently running an older version of Joomla on your site I highly recommend upgrading to the 3.64, to avoid a situation where you have many mismanaged hogging up valuable database storage; or even worse having your users privaliges being expanded, or reduced.(3)

 

wordpress-bg-medblue

WordPress.com

WordPress has also been going through many changes recently. Although there changes have to do more with fixing bugs with the editing process as well as addressing over 150 minor bugs. The latest version of WordPress, as of this post being written is version 4.7, Beta 2 releasing on November 4th, 2016(5); and one of the first changes they posted in their update release(6), has  to do with a problem when upgrading a site where theme features were showing wrong on screens. The API has also been updated with a few features, that personally I don’t understand but may apply to users trying to implement WordPress on their site. I don’t really understand exactly what bug fixes they have implemented but instead of me trying to try to  guess t the fixes, I will just post a link to the bug fixes page.Bug Fixes 11/4/16

 

Sources

(1)https://www.joomla.org/announcements.html
(2)https://developer.joomla.org/security-centre/659-20161001-core-account-creation.html
(3)https://developer.joomla.org/security-centre/660-20161002-core-elevated-privileges.html
(4)https://developer.joomla.org/security-centre/661-20161003-core-account-modifications.html
(5)https://wordpress.org/news/
(6)https://wordpress.org/news/2016/11/wordpress-4-7-beta-2/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s