βΌ CVE-2022-2241 βΌ
π Read
via "National Vulnerability Database".
The Featured Image from URL (FIFU) WordPress plugin before 4.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of validation, sanitisation and escaping in some of them, it could also lead to Stored XSS issuesπ Read
via "National Vulnerability Database".
βΌ CVE-2022-1324 βΌ
π Read
via "National Vulnerability Database".
The Event Timeline WordPress plugin through 1.1.5 does not sanitize and escape Timeline Text, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowedπ Read
via "National Vulnerability Database".
βΌ CVE-2022-2245 βΌ
π Read
via "National Vulnerability Database".
The Counter Box WordPress plugin before 1.2.1 is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacksπ Read
via "National Vulnerability Database".
βΌ CVE-2022-2171 βΌ
π Read
via "National Vulnerability Database".
The Progressive License WordPress plugin through 1.1.0 is lacking any CSRF check when saving its settings, which could allow attackers to make a logged in admin change them. Furthermore, as the plugin allows arbitrary HTML to be inserted in one of the settings, this could lead to Stored XSS issue which will be triggered in the frontend as well.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1950 βΌ
π Read
via "National Vulnerability Database".
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injectionπ Read
via "National Vulnerability Database".
βΌ CVE-2022-1585 βΌ
π Read
via "National Vulnerability Database".
The Project Source Code Download WordPress plugin through 1.0.0 does not protect its backup generation and download functionalities, which may allow any visitors on the site to download the entire site, including sensitive files like wp-config.php.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-2181 βΌ
π Read
via "National Vulnerability Database".
The Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scriptingπ Read
via "National Vulnerability Database".
βΌ CVE-2022-2170 βΌ
π Read
via "National Vulnerability Database".
The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin before 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Due to the nature of this plugin, well crafted XSS can also leak into the frontpage.π Read
via "National Vulnerability Database".
βΌ CVE-2022-27255 βΌ
π Read
via "National Vulnerability Database".
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2184 βΌ
π Read
via "National Vulnerability Database".
The CAPTCHA 4WP WordPress plugin before 7.1.0 lets user input reach a sensitive require_once call in one of its admin-side templates. This can be abused by attackers, via a Cross-Site Request Forgery attack to run arbitrary code on the server.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1600 βΌ
π Read
via "National Vulnerability Database".
The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26308 βΌ
π Read
via "National Vulnerability Database".
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration (Credential store) where a user with the role of Operator (Write) could create, delete, view existing keys which are outside the intended role.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2215 βΌ
π Read
via "National Vulnerability Database".
The GiveWP WordPress plugin before 2.21.3 does not properly sanitise and escape the currency settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)π Read
via "National Vulnerability Database".
βΌ CVE-2022-2325 βΌ
π Read
via "National Vulnerability Database".
The Invitation Based Registrations WordPress plugin through 2.2.84 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)π Read
via "National Vulnerability Database".
βΌ CVE-2022-2317 βΌ
π Read
via "National Vulnerability Database".
The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2260 βΌ
π Read
via "National Vulnerability Database".
The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the database many times which leads to overwhelm the target's CPU.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2278 βΌ
π Read
via "National Vulnerability Database".
The Featured Image from URL (FIFU) WordPress plugin before 4.0.1 does not validate, sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)π Read
via "National Vulnerability Database".
βΌ CVE-2022-0598 βΌ
π Read
via "National Vulnerability Database".
The Login with phone number WordPress plugin through 1.3.7 do not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2273 βΌ
π Read
via "National Vulnerability Database".
The Simple Membership WordPress plugin before 4.1.3 does not properly validate the membership_level parameter when editing a profile, allowing members to escalate to a higher membership level by using a crafted POST request.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1906 βΌ
π Read
via "National Vulnerability Database".
The Copyright Proof WordPress plugin through 4.16 does not sanitise and escape a parameter before outputting it back via an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting when a specific setting is enabled.π Read
via "National Vulnerability Database".
ποΈ βYou get respect for owning what happenedβ β SolarWindsβ CISO on the legacy and lessons of Sunburst ποΈ
π Read
via "The Daily Swig".
Security chief counts new build system and greater intel sharing among positive legacies of watershed cyber-attackπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
βYou get respect for owning what happenedβ β SolarWindsβ CISO on the legacy and lessons of Sunburst
Security chief counts new build system and greater intel sharing among positive legacies of watershed cyber-attack
π1