HEX
Server: Apache
System: Linux p3plzcpnl466169.prod.phx3.secureserver.net 4.18.0-553.83.1.lve.el8.x86_64 #1 SMP Wed Nov 12 10:04:12 UTC 2025 x86_64
User: wynnelaw5142 (399059)
PHP: 8.3.31
Disabled: NONE
$ pwd: /home/wynnelaw5142/mail/new/
Upload Files
File: /home/wynnelaw5142/mail/new/1429749012.H278318P30688.p3plcpnl0292.prod.phx3.secureserver.net,S=2574
Return-path: <noreply@p3plcpnl0292.prod.phx3.secureserver.net>
Envelope-to: wynnelaw5142@p3plcpnl0292.prod.phx3.secureserver.net
Delivery-date: Wed, 22 Apr 2015 17:30:12 -0700
Received: from root by p3plcpnl0292.prod.phx3.secureserver.net with local (Exim 4.85)
	(envelope-from <noreply@p3plcpnl0292.prod.phx3.secureserver.net>)
	id 1Yl51w-0007yr-5I
	for wynnelaw5142@p3plcpnl0292.prod.phx3.secureserver.net; Wed, 22 Apr 2015 17:30:12 -0700
To: wynnelaw5142@p3plcpnl0292.prod.phx3.secureserver.net
Subject: [Installatron] WordPress 3.8.6 now available (security release)
Date: Thu, 23 Apr 2015 02:30:12 +0200
From: noreply@p3plcpnl0292.prod.phx3.secureserver.net
Message-ID: <a2b2a9e9e8dad6cfc7d5515066eec5cf@p3plcpnl0292.prod.phx3.secureserver.net>
X-Priority: 3
X-Mailer: Installatron Plugin 9.1.14
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This is an automated email from Installatron. To unsubscribe from these emails or to change notification settings, login to your web hosting control panel, navigate to the Installatron tool, and select the installed applications you wish to modify.

An update to WordPress 3.8.6 (security release) is now available for the WordPress installations you are managing using Installatron. The following can be updated:

- http://www.wynnelawfirm.com


The changes for this version are:

This is a critical security release for all previous versions. Furthermore, a number of plugins released security fixes yesterday. Keep everything updated to stay secure.

WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Cedric Van Bockhaven and fixed by Gary Pendergast, Mike Adams, and Andrew Nacin of the WordPress security team.

We also fixed three other security issues:
* In WordPress 4.1 and higher, files with invalid or unsafe names could be uploaded. Discovered by Michael Kapfer and Sebastian Kraemer of HSASec.
* In WordPress 3.9 and higher, a very limited cross-site scripting vulnerability could be used as part of a social engineering attack. Discovered by Jakub Zoczek.
* Some plugins were vulnerable to an SQL injection vulnerability. Discovered by Ben Bidner of the WordPress security team.

We also made four hardening changes, discovered by J.D. Grimes, Divyesh Prajapati, Allan Collins and Marc-Alexandre Montpas.

Login to your web hosting control panel and navigate to the Installatron tool to update your installed applications.

End of report.
@ Telegram