‼ CVE-2022-43972 ‼
📖 Read
via "National Vulnerability Database".
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43971 ‼
📖 Read
via "National Vulnerability Database".
An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious GET or POST request to /setNTP.cgi to execute arbitrary commands on the underlying Linux operating system as root.📖 Read
via "National Vulnerability Database".
🕴 Firmware Vulnerability in Chips Helps Hackers Take Control of Systems 🕴
📖 Read
via "Dark Reading".
The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.📖 Read
via "Dark Reading".
Dark Reading
Latest Firmware Flaws in Qualcomm Snapdragon Need Attention
The issue concerns the boot layer of ARM chips, which are driving a low-power mobile ecosystem that includes 5G smartphones and base stations.
‼ CVE-2022-4310 ‼
📖 Read
via "National Vulnerability Database".
The Slimstat Analytics WordPress plugin before 4.9.3 does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4301 ‼
📖 Read
via "National Vulnerability Database".
The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4394 ‼
📖 Read
via "National Vulnerability Database".
The iPages Flipbook For WordPress plugin through 1.4.6 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4393 ‼
📖 Read
via "National Vulnerability Database".
The ImageLinks Interactive Image Builder for WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3923 ‼
📖 Read
via "National Vulnerability Database".
The ActiveCampaign for WooCommerce WordPress plugin through 1.9.6 does not have authorisation check when cleaning up its error logs via an AJAX action, which could allow any authenticated users, such as subscriber to call it and remove error logs.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4196 ‼
📖 Read
via "National Vulnerability Database".
The Multi Step Form WordPress plugin before 1.7.8 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4468 ‼
📖 Read
via "National Vulnerability Database".
The WP Recipe Maker WordPress plugin before 8.6.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4391 ‼
📖 Read
via "National Vulnerability Database".
The Vision Interactive For WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3855 ‼
📖 Read
via "National Vulnerability Database".
The 404 to Start WordPress plugin through 1.6.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3417 ‼
📖 Read
via "National Vulnerability Database".
The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file, which could lead to PHP object injections issues when an user import (intentionally or not) a malicious settings file and a suitable gadget chain is present on the blog.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4325 ‼
📖 Read
via "National Vulnerability Database".
The Post Status Notifier Lite WordPress plugin before 1.10.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high privilege users such as admin.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4491 ‼
📖 Read
via "National Vulnerability Database".
The WP-Table Reloaded WordPress plugin through 1.9.4 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46603 ‼
📖 Read
via "National Vulnerability Database".
An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3416 ‼
📖 Read
via "National Vulnerability Database".
The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3343 ‼
📖 Read
via "National Vulnerability Database".
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4426 ‼
📖 Read
via "National Vulnerability Database".
The Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4102 ‼
📖 Read
via "National Vulnerability Database".
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is a template. This could allow any authenticated users, such as subscribers, to delete arbitrary posts assuming they know the related slug.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4103 ‼
📖 Read
via "National Vulnerability Database".
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorisation and CSRF checks when creating a template, and does not ensure that the post created is a template. This could allow any authenticated users, such as subscriber to create a post (as well as any post type) with an arbitrary title📖 Read
via "National Vulnerability Database".