‼ CVE-2022-0751 ‼
📖 Read
via "National Vulnerability Database".
Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an attacker to create Snippets with misleading content which could trick unsuspecting users into executing arbitrary commands📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0738 ‼
📖 Read
via "National Vulnerability Database".
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0818 ‼
📖 Read
via "National Vulnerability Database".
The WooCommerce Affiliate Plugin WordPress plugin before 4.16.4.5 does not have authorization and CSRF checks on a specific action handler, as well as does not sanitize its settings, which enables an unauthenticated attacker to inject malicious XSS payloads into the settings page of the plugin.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0680 ‼
📖 Read
via "National Vulnerability Database".
The Plezi WordPress plugin before 1.0.3 has a REST endpoint allowing unauthenticated users to update the plz_configuration_tracker_enable option, which is then displayed in the admin panel without sanitisation and escaping, leading to a Stored Cross-Site Scripting issue📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0499 ‼
📖 Read
via "National Vulnerability Database".
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0479 ‼
📖 Read
via "National Vulnerability Database".
The Popup Builder WordPress plugin before 4.1.1 does not sanitise and escape the sgpb-subscription-popup-id parameter before using it in a SQL statement in the All Subscribers admin dashboard, leading to a SQL injection, which could also be used to perform Reflected Cross-Site Scripting attack against a logged in admin opening a malicious link📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0679 ‼
📖 Read
via "National Vulnerability Database".
The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distributor_lib_request AJAX action (available to both unauthenticated and authenticated users) which results in the disclosure of arbitrary files as the content of the file is then displayed in the response as JSON data. This could also lead to RCE with various tricks but depends on the underlying system and it's configuration.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0784 ‼
📖 Read
via "National Vulnerability Database".
The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27658 ‼
📖 Read
via "National Vulnerability Database".
Under certain conditions, SAP Innovation management - version 2.0, allows an attacker to access information which could lead to information gathering for further exploits and attacks.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25070 ‼
📖 Read
via "National Vulnerability Database".
The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0770 ‼
📖 Read
via "National Vulnerability Database".
The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in some files, and write debug data such as user's cookies in a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access to a logged in admin cookies by making them open a malicious link or page📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0599 ‼
📖 Read
via "National Vulnerability Database".
The Mapping Multiple URLs Redirect Same Page WordPress plugin through 5.8 does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25068 ‼
📖 Read
via "National Vulnerability Database".
The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feed_id' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0595 ‼
📖 Read
via "National Vulnerability Database".
The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0846 ‼
📖 Read
via "National Vulnerability Database".
The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dk_speakout_sendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0833 ‼
📖 Read
via "National Vulnerability Database".
The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the "refresh-backup" action, and simultaneously keep requesting a publicly accessible temporary file generated by the plugin in order to disclose the final backup filename, which can then be fetched by the attacker to download the backup of the plugin's DB data📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0720 ‼
📖 Read
via "National Vulnerability Database".
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-24978 ‼
📖 Read
via "National Vulnerability Database".
The OSMapper WordPress plugin through 2.1.5 contains an AJAX action to delete a plugin related post type named 'map' and is registered with the wp_ajax_nopriv prefix, making it available to unauthenticated users. There is no authorisation, CSRF and checks in place to ensure that the post to delete is a map one. As a result, unauthenticated user can delete arbitrary posts from the blog📖 Read
via "National Vulnerability Database".
🕴 Triton Malware Still Targeting Energy Firms 🕴
📖 Read
via "Dark Reading".
The FBI's latest Private Industry Notification warns the energy sector that the group behind Triton is still up to no good.📖 Read
via "Dark Reading".
Dark Reading
Triton Malware Still Targeting Energy Firms
The FBI's latest Private Industry Notification warns the energy sector that the group behind Triton is still up to no good.
‼ CVE-2003-5002 ‼
📖 Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has been declared as problematic. Affected by this vulnerability is the component Update Handler which allows cleartext transmission of data. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26278 ‼
📖 Read
via "National Vulnerability Database".
Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.📖 Read
via "National Vulnerability Database".