Acunetix v12 (build 12.0.180628131) has been released. This new build detects an unfixed WordPress file deletion vulnerability, vulnerabilities in multiple WordPress Plugins and two Joomla! Core vulnerabilities. Below is a full list of updates.
New Features and Vulnerability tests
- New test for WordPress Arbitrary File Deletion Vulnerability described here and here (CVE-2018-12895)
- Added detection of vulnerabilities in the following wordpress plugins:
- New test for Joomla! Core Local File Inclusion (CVE-2018-12712)
- New test for Joomla! Core Cross-Site Scripting (CVE-2018-12711)
- Fixed issue with NTLM HTTP Authentication
- Fixed issue causing some pages not to load correctly in the LSR
- Fixed 2 false positives for “User controllable charset” and “User controllable script source”
- Fixed issue in handling HAR import files.
Upgrade to the latest build
If you are already using Acunetix v12, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > Settings page.
If you have not yet installed or upgraded to Acunetix v12, you may download Acunetix version 12 from here. Use your current Acunetix License Key to download and activate your product.
*** This is a Security Bloggers Network syndicated blog from Web Security Blog – Acunetix authored by Nicholas Sciberras. Read the original post at: http://feedproxy.google.com/~r/acunetixwebapplicationsecurityblog/~3/-VzQhDWRt8I/