{"id":1169,"date":"2021-09-22T13:34:57","date_gmt":"2021-09-22T10:34:57","guid":{"rendered":"https:\/\/www.phpsugar.com\/blog\/?p=1169"},"modified":"2021-09-22T13:34:57","modified_gmt":"2021-09-22T10:34:57","slug":"php-melody-3-0-vulnerability-report-fix","status":"publish","type":"post","link":"https:\/\/www.phpsugar.com\/blog\/2021\/09\/php-melody-3-0-vulnerability-report-fix\/","title":{"rendered":"PHP Melody 3.0 Vulnerability Report &#038; Fix"},"content":{"rendered":"<p>Dear customers and PHP\u00a0Melody users.<\/p>\n<p>We&#8217;ve recently received reports of code\u00a0<strong>vulnerabilities in the latest PHP Melody release<\/strong>. As a result a patch was made available today.<\/p>\n<p>The vulnerabilities are of <strong>medium to low severity <\/strong>and would <strong>require enhanced user permissions<\/strong> (e.g. admin or\u00a0editor) to be exploited.<\/p>\n<p>In short, <strong>your PHP Melody\u00a0website is still &#8220;safe&#8221;!<\/strong> Nevertheless, we recommend patching it ASAP.<\/p>\n<p>The patch is now available in your <a href=\"https:\/\/www.phpsugar.com\/customer\/\" target=\"_blank\">customer account<\/a> under the <em><strong>Download Updates<\/strong><\/em> page.<\/p>\n<p>All our codebase was updated today so, if you are updating from v2.x to v3.x you do not need to apply this patch. The same is true for new installations. All these packages are, of course, patched.<\/p>\n<p>For any inquiries please don&#8217;t hesitate to contact our support. Thank you very much!<\/p>\n<p>P.S. A\u00a0sincere thank you goes to the<strong> <a href=\"https:\/\/www.vulnerability-lab.com\/\" target=\"_blank\">Vulnerability-lab.com<\/a><\/strong> for sending in their findings and detailed report.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dear customers and PHP\u00a0Melody users. We&#8217;ve recently received reports of code\u00a0vulnerabilities in the latest PHP Melody release. As a result a patch was made available today. The vulnerabilities are of medium to low severity and would require enhanced user permissions (e.g. admin or\u00a0editor) to be exploited. In short, your PHP Melody\u00a0website is still &#8220;safe&#8221;! Nevertheless, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,18],"tags":[39,54,89],"class_list":["post-1169","post","type-post","status-publish","format-standard","hentry","category-announcement","category-news","tag-important","tag-patch","tag-update"],"_links":{"self":[{"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/posts\/1169","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/comments?post=1169"}],"version-history":[{"count":1,"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/posts\/1169\/revisions"}],"predecessor-version":[{"id":1170,"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/posts\/1169\/revisions\/1170"}],"wp:attachment":[{"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/media?parent=1169"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/categories?post=1169"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.phpsugar.com\/blog\/wp-json\/wp\/v2\/tags?post=1169"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}