On March 26, 2019 we launched new MODX Forums. Please join us at the new MODX Community Forums.
Subscribe: RSS
  • Ironically, on the same day I received the recent MODX security alert (the first one in a long time) about the 2.6.x versions , I got this message from the host of a WordPress site I built for a friend (I've removed the domain information and details). I updated the site not that long ago. I get these all the time:

    It appears patches are available for application(s) installed in the following path(s):

    Privilege escalation vulnerability in WordPress

    XSS vulnerability in WordPress

    XSS vulnerability in WordPress

    Privilege escalation vulnerability in WordPress

    Incorrect permissions vulnerability in WordPress

    Code injection vulnerability in WordPress

    Code injection vulnerability in WordPress

    Incorrect permissions vulnerability in WordPress

    Incorrect permissions vulnerability in WordPress

    Incorrect permissions vulnerability in WordPress

    Incorrect permissions vulnerability in WordPress

    XSS vulnerability in WordPress

    XSS vulnerability in WordPress

    If you are working with a development partner, please forward this email on to them as they will be able to take care of the update for you. Otherwise, we will automatically apply the above patches within seven days.
      Did I help you? Buy me a beer
      Get my Book: MODX:The Official Guide
      MODX info for everyone: http://bobsguides.com/modx.html
      My MODX Extras
      Bob's Guides is now hosted at A2 MODX Hosting
    • Phpthumbs... I tell you what... My rant from 4 years ago: https://forums.modx.com/thread/?thread=89090&page=1
        @hawproductions | http://mrhaw.com/

        Infograph: MODX Advanced Install in 7 steps:
        http://forums.modx.com/thread/96954/infograph-modx-advanced-install-in-7-steps

        Recap: Portland, OR (PDX) MODX CMS Meetup, Oct 6, 2015. US Bancorp Tower
        http://mrhaw.com/modx_portland_oregon_pdx_modx_cms_meetup_oct_2015_us_bancorp_tower
      • Update... sad

        https://forums.modx.com/thread/104072/security-issue-with-gallery-extra-below-1-7-1 [ed. note: mrhaw last edited this post 3 years ago.]
          @hawproductions | http://mrhaw.com/

          Infograph: MODX Advanced Install in 7 steps:
          http://forums.modx.com/thread/96954/infograph-modx-advanced-install-in-7-steps

          Recap: Portland, OR (PDX) MODX CMS Meetup, Oct 6, 2015. US Bancorp Tower
          http://mrhaw.com/modx_portland_oregon_pdx_modx_cms_meetup_oct_2015_us_bancorp_tower
        • Quote from: BobRay at Jul 15, 2018, 03:46 AM
          Ironically, on the same day I received the recent MODX security alert (the first one in a long time) about the 2.6.x versions , I got this message from the host of a WordPress site I built for a friend (I've removed the domain information and details). I updated the site not that long ago. I get these all the time:

          It appears patches are available for application(s) installed in the following path(s):

          Privilege escalation vulnerability in WordPress

          XSS vulnerability in WordPress

          XSS vulnerability in WordPress

          Privilege escalation vulnerability in WordPress

          Incorrect permissions vulnerability in WordPress

          Code injection vulnerability in WordPress

          Code injection vulnerability in WordPress

          Incorrect permissions vulnerability in WordPress

          Incorrect permissions vulnerability in WordPress

          Incorrect permissions vulnerability in WordPress

          Incorrect permissions vulnerability in WordPress

          XSS vulnerability in WordPress

          XSS vulnerability in WordPress

          If you are working with a development partner, please forward this email on to them as they will be able to take care of the update for you. Otherwise, we will automatically apply the above patches within seven days.

          Yep... we whine about MODX's recent vulnerability, but for Wordpress it is a constant!