File: /home/regevl/Maildir/new/1604068803.M447835P10399.server.vps4552-cu.uk.proginter.com,S=2478,W=2523
Return-Path: <regevl910@gmail.com>
Delivered-To: regevl@tll-hospitality.co.il
Received: from server.vps4552-cu.uk.proginter.com
by server.vps4552-cu.uk.proginter.com with LMTP
id 4JagGsMlnF+fKAAA0tGqwA
(envelope-from <regevl910@gmail.com>)
for <regevl@tll-hospitality.co.il>; Fri, 30 Oct 2020 16:40:03 +0200
Return-path: <regevl910@gmail.com>
Envelope-to: regevl@tll-hospitality.co.il
Delivery-date: Fri, 30 Oct 2020 16:40:03 +0200
Received: from root by server.vps4552-cu.uk.proginter.com with local (Exim 4.94)
(envelope-from <regevl910@gmail.com>)
id 1kYVZT-0005a6-DF
for regevl@tll-hospitality.co.il; Fri, 30 Oct 2020 16:40:03 +0200
To: regevl@tll-hospitality.co.il
Subject: [Installatron] WordPress 5.0.10 now available (security release)
Date: Fri, 30 Oct 2020 16:40:03 +0200
From: regevl910@gmail.com
Message-ID: <9f25b371f143821bf500963c6abe938f@server.vps4552-cu.uk.proginter.com>
X-Mailer: Installatron Plugin 9.1.53
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is an automated email from Installatron. To unsubscribe from these emails or to change notification settings, log in to your web hosting control panel, navigate to the Installatron tool, and select the installed applications you wish to modify.
An update to WordPress 5.0.10 (security release) is now available for the WordPress installations you are managing using Installatron. The following can be updated:
- http://www.hilla-yehezkel.com
The changes for this version are:
Security
* Props to Sam Thomas (jazzy2fives) for finding an XSS issue where authenticated users with low privileges are able to add JavaScript to posts in the block editor.
* Props to Luigi – (gubello.me) for discovering an XSS issue where authenticated users with upload permissions are able to add JavaScript to media files.
* Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
* Props to Nrimo Ing Pandum for finding an authenticated XSS issue via theme uploads.
* Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation.
* Props to Carolina Nymark for discovering an issue where comments from password-protected posts and pages could be displayed under certain conditions.
Log in to your web hosting control panel and navigate to the Installatron tool to update your installed applications.
End of report.