▼ CVE-2023-2279 ▼
via "National Vulnerability Database".
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on the 'admin_page_display' function. This makes it possible for unauthenticated attackers to delete or change plugin settings, import demo data, and modify or delete Directory Kit related posts and terms via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link. Partial patches were made available in versions 1.2.0 and 1.2.1, but the issue was not fully patched until 1.2.2.
▼ CVE-2023-3999 ▼
via "National Vulnerability Database".
The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX calls in versions up to, and including, 0.6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create and delete countdowns as well as manipulate other plugin settings.
▼ CVE-2023-4500 ▼
via "National Vulnerability Database".
The Order Tracking Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the order status parameter in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers (admin or higher) to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This only affects multi-site installations and installations where unfiltered_html has been disabled.
▼ CVE-2023-2352 ▼
via "National Vulnerability Database".
The CHP Ads Block Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.9.4. This is due to missing or incorrect nonce validation on the chp_abd_action function. This makes it possible for unauthenticated attackers to update or reset plugin settings via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
▼ CVE-2023-3636 ▼
via "National Vulnerability Database".
The WP Project Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.6.4 due to insufficient restriction on the 'save_users_map_name' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'usernames' parameter.
▼ CVE-2023-4000 ▼
via "National Vulnerability Database".
The Waiting: One-click countdowns plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.6.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to create and delete countdowns via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
▼ CVE-2023-2173 ▼
via "National Vulnerability Database".
The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeos_delete_step_ajax_handler, badgeos_delete_award_step_ajax_handler, badgeos_delete_deduct_step_ajax_handler, and badgeos_delete_rank_req_step_ajax_handler functions. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts.
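The three authorization entries above (CVE-2023-3999, CVE-2023-3636 and CVE-2023-2173) share one root cause: an AJAX handler that is reachable by any logged-in user and that trusts the identifiers it is given. The code below is an added example written for this page, not code from the Waiting, WP Project Manager or BadgeOS plugins. The "ex_" prefix, the "ex_step" post type, the nonce actions and the parameter names are assumptions; it has to run inside WordPress.

```php
<?php
// Added example for this page (not the plugins' own code). The "ex_" prefix,
// the "ex_step" post type, nonce actions and parameter names are assumptions.

// VULNERABLE: the hook runs for any logged-in user, there is no capability
// check, and the id is used as-is, so a subscriber can delete *any* post
// (the IDOR in CVE-2023-2173) and reach admin-only actions (CVE-2023-3999).
function ex_delete_step_vulnerable() {
    $step_id = intval( $_POST['step_id'] );
    wp_delete_post( $step_id, true );
    wp_send_json_success();
}
add_action( 'wp_ajax_ex_delete_step_vulnerable', 'ex_delete_step_vulnerable' );

// HARDENED: three separate checks, each closing a different hole.
function ex_delete_step() {
    // 1. Forged request: the caller must present a nonce issued for this
    //    action (wp_create_nonce( 'ex_steps' ) on the page that calls it).
    check_ajax_referer( 'ex_steps' );

    // 2. Object resolution: the id must name one of *our* objects. Checking
    //    the post type is what turns "any post" into "this plugin's posts".
    $step_id = isset( $_POST['step_id'] ) ? absint( $_POST['step_id'] ) : 0;
    $step    = $step_id ? get_post( $step_id ) : null;
    if ( ! $step || 'ex_step' !== $step->post_type ) {
        wp_send_json_error( 'not found', 404 );
    }

    // 3. Authorization against that specific object, not just a role name.
    //    The 'delete_post' meta capability makes WordPress apply the normal
    //    owner/editor rules registered for the post type.
    if ( ! current_user_can( 'delete_post', $step->ID ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    wp_delete_post( $step->ID, true );
    wp_send_json_success( array( 'deleted' => $step->ID ) );
}
add_action( 'wp_ajax_ex_delete_step', 'ex_delete_step' );

// Privilege-escalation variant (the CVE-2023-3636 pattern): anything that
// changes a role needs the role-management capability, a per-target check,
// an allow-list for the new role, and a refusal to let callers target
// themselves.
function ex_set_user_role() {
    check_ajax_referer( 'ex_users' );
    if ( ! current_user_can( 'promote_users' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $login = sanitize_user( wp_unslash( $_POST['username'] ?? '' ), true );
    $role  = sanitize_key( wp_unslash( $_POST['role'] ?? '' ) );
    $user  = $login ? get_user_by( 'login', $login ) : false;

    if ( ! $user || $user->ID === get_current_user_id() ) {
        wp_send_json_error( 'invalid target', 400 );
    }
    // get_editable_roles() is the set the current user may assign (filtered
    // through 'editable_roles'); it is loaded for admin-ajax requests.
    if ( ! array_key_exists( $role, get_editable_roles() ) ) {
        wp_send_json_error( 'unknown role', 400 );
    }
    if ( ! current_user_can( 'edit_user', $user->ID ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $user->set_role( $role );
    wp_send_json_success( array( 'user' => $user->ID, 'role' => $role ) );
}
add_action( 'wp_ajax_ex_set_user_role', 'ex_set_user_role' );
```

The order of the checks is deliberate: the nonce check is cheap and stops forged requests before any database work, the post-type check is what converts an arbitrary integer into a reference the plugin actually owns, and the meta-capability check is evaluated against that object rather than against a role string the request could have supplied.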
▼ CVE-2023-4471 ▼
via "National Vulnerability Database".
The Order Tracking Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the start_date and end_date parameters in versions up to, and including, 3.3.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
▼ CVE-2023-4161 ▼
via "National Vulnerability Database".
The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the SaveCustomField function in versions up to, and including, 1.2.90. This makes it possible for unauthenticated attackers to create invoice fields, provided they can trick an admin into performing an action such as clicking on a link.
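The four CSRF entries on this page (CVE-2023-2279, CVE-2023-2352, CVE-2023-4000 and CVE-2023-4161) come down to the same missing line: the handler never verifies a nonce, so a request that the victim's browser sends with its cookies is indistinguishable from one the administrator meant to send. The code below is an added example written for this page, not code from any of those plugins. The "dk_" prefix, the option and action names, the capabilities and the helpers dk_import_demo_data() and dk_create_invoice_field() are assumptions; it has to run inside WordPress. The hardened settings handler also shows one way a fix ends up being only a partial patch, as the page says happened for CVE-2023-2279 in 1.2.0 and 1.2.1: a nonce check added inside a single branch of a multi-action function protects that branch and nothing else.

```php
<?php
// Added example for this page, not code from the WP Directory Kit, CHP Ads
// Block Detector, Waiting or WooCommerce PDF Invoice Builder plugins. The
// "dk_" prefix, option and action names, capabilities, and the helpers
// dk_import_demo_data() / dk_create_invoice_field() are assumptions.

// VULNERABLE: the function only runs on the plugin's admin page, and the
// author treats "reached this page" as proof the admin intended the action.
// A page the admin merely visits can auto-submit this form; the browser
// attaches the admin's cookies and every branch below is reachable.
function dk_admin_page_display_vulnerable() {
    if ( isset( $_POST['dk_action'] ) ) {
        switch ( $_POST['dk_action'] ) {
            case 'save':
                update_option( 'dk_settings', $_POST['dk_settings'] );
                break;
            case 'import_demo':
                dk_import_demo_data();
                break;
            case 'reset':
                delete_option( 'dk_settings' );
                break;
        }
    }
    dk_render_settings_form();
}

// HARDENED: capability and nonce are checked once, before the switch, so
// "save", "import_demo" and "reset" are all covered. A check placed inside
// one case only would leave the other cases open.
function dk_admin_page_display() {
    if ( isset( $_POST['dk_action'] ) ) {
        if ( ! current_user_can( 'manage_options' ) ) {
            wp_die( 'Insufficient permissions', 403 );
        }
        // Dies with a 403 when the nonce is missing, expired, issued for a
        // different action, or issued to a different user.
        check_admin_referer( 'dk_settings_action', 'dk_nonce' );

        switch ( sanitize_key( $_POST['dk_action'] ) ) {
            case 'save':
                // Flat key/value settings array assumed.
                $raw      = isset( $_POST['dk_settings'] ) && is_array( $_POST['dk_settings'] )
                    ? wp_unslash( $_POST['dk_settings'] ) : array();
                $settings = array_map( 'sanitize_text_field', $raw );
                update_option( 'dk_settings', $settings );
                break;
            case 'import_demo':
                dk_import_demo_data();
                break;
            case 'reset':
                delete_option( 'dk_settings' );
                break;
        }
    }
    dk_render_settings_form();
}

// The form has to carry the matching nonce; otherwise real submissions fail.
function dk_render_settings_form() {
    echo '<form method="post">';
    wp_nonce_field( 'dk_settings_action', 'dk_nonce' );
    echo '<input type="hidden" name="dk_action" value="save">';
    // ... the settings inputs go here ...
    submit_button( 'Save settings' );
    echo '</form>';
}

// AJAX handlers (the CVE-2023-4000 and CVE-2023-4161 shape) get the same
// treatment: check_ajax_referer() verifies the nonce the page passed in the
// "_ajax_nonce" field (created with wp_create_nonce( 'dk_invoice_fields' )).
function dk_ajax_save_custom_field() {
    check_ajax_referer( 'dk_invoice_fields' );
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $label = sanitize_text_field( wp_unslash( $_POST['label'] ?? '' ) );
    dk_create_invoice_field( $label );
    wp_send_json_success();
}
// Hook only wp_ajax_ (logged-in users). The nonce is still required: CSRF
// rides the victim's logged-in session, so "logged in" alone proves nothing.
add_action( 'wp_ajax_dk_save_custom_field', 'dk_ajax_save_custom_field' );
```

A WordPress nonce is bound to the action name, the logged-in user and a time window, which is why the capability check and the nonce check answer different questions: the first asks whether this user may do this at all, the second whether this particular request was produced by a page the site itself served to that user.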
▼ CVE-2023-4160 ▼
via "National Vulnerability Database".
The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.2.90 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
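The three cross-site scripting entries above (CVE-2023-4471 reflected, CVE-2023-4500 and CVE-2023-4160 stored) all name the same pair of defects, missing input sanitization and missing output escaping. The qualifier on the two stored ones is worth decoding: on a single-site install, administrators hold the unfiltered_html capability and may publish raw HTML and script anyway, so an admin-only stored XSS gives them nothing new; on multisite only super admins have unfiltered_html, and any site can remove it with the DISALLOW_UNFILTERED_HTML constant, which is where the bug becomes a real boundary crossing. The code below is an added example written for this page, not code from Order Tracking Pro or the WooCommerce PDF Invoice Builder; the "ot_" prefix, option names and form field names are assumptions, and it has to run inside WordPress.

```php
<?php
// Added example for this page, not code from Order Tracking Pro or the
// WooCommerce PDF Invoice Builder. The "ot_" prefix, option names and form
// field names are assumptions.

// Reflected XSS, VULNERABLE (the CVE-2023-4471 shape): a query parameter is
// echoed straight into an attribute. A link carrying
//   ?start_date=x"+autofocus+onfocus="alert(document.cookie)
// runs script for whoever clicks it; no login is needed to build the link.
function ot_date_filter_vulnerable() {
    echo '<input name="start_date" value="' . $_GET['start_date'] . '">';
}

// Reflected XSS, HARDENED: validate the shape you expect, then escape for
// the exact output context. esc_attr() alone stops the injection; the
// format check additionally drops anything that is not a date.
function ot_date_filter() {
    $start = isset( $_GET['start_date'] ) ? sanitize_text_field( wp_unslash( $_GET['start_date'] ) ) : '';
    if ( ! preg_match( '/^\d{4}-\d{2}-\d{2}$/', $start ) ) {
        $start = '';
    }
    echo '<input name="start_date" value="' . esc_attr( $start ) . '">';
}

// Stored XSS, VULNERABLE (the CVE-2023-4500 / CVE-2023-4160 shape): a setting
// is saved raw and printed raw on every page that shows it.
function ot_save_status_vulnerable() {
    update_option( 'ot_order_status', $_POST['order_status'] );
}
function ot_show_status_vulnerable() {
    echo '<span class="status">' . get_option( 'ot_order_status' ) . '</span>';
}

// Stored XSS, HARDENED: sanitize on the way in and escape on the way out.
// Both are needed: the option can also be written by other code, and the
// output context (HTML text here) decides which esc_* function is right.
function ot_save_status() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'forbidden', 403 );
    }
    check_admin_referer( 'ot_settings', 'ot_nonce' );
    $status = sanitize_text_field( wp_unslash( $_POST['order_status'] ?? '' ) );
    update_option( 'ot_order_status', $status );
}
function ot_show_status() {
    echo '<span class="status">' . esc_html( get_option( 'ot_order_status', '' ) ) . '</span>';
}

// If the field legitimately holds limited markup, allow-list it instead of
// stripping everything: wp_kses_post() keeps the tags a post may contain and
// removes script elements, event-handler attributes and javascript: URLs.
function ot_save_status_rich() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'forbidden', 403 );
    }
    check_admin_referer( 'ot_settings', 'ot_nonce' );
    update_option( 'ot_order_status_html', wp_kses_post( wp_unslash( $_POST['order_status'] ?? '' ) ) );
}
```

The escaping function has to match where the value lands: esc_attr() inside an attribute, esc_html() in element text, esc_url() in an href, esc_js() inside an inline script string. Using the wrong one (esc_html() in an unquoted attribute, for instance) is a common way for "we escape output" to still be exploitable.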
▼ CVE-2023-2188 ▼
via "National Vulnerability Database".
The Colibri Page Builder plugin for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 1.0.227 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
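"Insufficient escaping" and "lack of sufficient preparation" in the entry above describe a query built by string interpolation. The code below is an added example written for this page, not Colibri's code; the function names, the meta key and the choice of the postmeta table are assumptions, and it has to run inside WordPress.

```php
<?php
// Added example for this page, not Colibri's code. The function names, the
// meta key and the use of the postmeta table are assumptions.

// VULNERABLE: the value is interpolated into the SQL text. With
//   post_id = "0 UNION SELECT user_pass FROM wp_users WHERE ID=1 -- "
// the first row returned is a password hash instead of a page's meta value
// (the trailing "-- " comments out the rest of the original WHERE clause).
function cb_get_page_data_vulnerable( $post_id ) {
    global $wpdb;
    $sql = "SELECT meta_value FROM {$wpdb->postmeta} WHERE post_id = $post_id AND meta_key = 'cb_data'";
    return $wpdb->get_var( $sql );
}

// HARDENED: coerce to the type the column has, then bind through prepare().
// %d forces an integer and %s is quoted and escaped by wpdb; nothing the
// caller supplies ever becomes part of the SQL text.
function cb_get_page_data( $post_id ) {
    global $wpdb;
    $post_id = absint( $post_id );
    if ( 0 === $post_id ) {
        return null;
    }
    return $wpdb->get_var(
        $wpdb->prepare(
            "SELECT meta_value FROM {$wpdb->postmeta} WHERE post_id = %d AND meta_key = %s",
            $post_id,
            'cb_data'
        )
    );
}

// Typical entry point: the id arrives from the request and is validated once
// at the boundary, so every query below it sees an integer, and the caller
// must be allowed to edit that specific post.
function cb_ajax_get_page_data() {
    check_ajax_referer( 'cb_editor' );
    $post_id = isset( $_GET['post_id'] ) ? absint( $_GET['post_id'] ) : 0;
    if ( ! $post_id || ! current_user_can( 'edit_post', $post_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    wp_send_json_success( cb_get_page_data( $post_id ) );
}
add_action( 'wp_ajax_cb_get_page_data', 'cb_ajax_get_page_data' );
```

absint() on its own would already close this particular hole because the parameter is numeric; $wpdb->prepare() is still the right habit because the next parameter added to the query may be a string, and prepare() handles both uniformly.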
▼ CVE-2023-3162 ▼
via "National Vulnerability Database".
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.7.7. This is due to insufficient verification on the user being supplied during a Stripe checkout through the plugin. This allows unauthenticated attackers to log in as users who have orders, who are typically customers.
📢 Telegram’s popularity continues to soar as catalog of available cyber crime services matures 📢
via "ITPro".
The range of available services on Telegram includes sophisticated phishing kits, cheap stolen data, and access to industry insiders.
▼ CVE-2023-41740 ▼
via "National Vulnerability Database".
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.
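The advisory above gives no vectors, so nothing can be said about the SRM cgi component itself; what follows is an added example of the containment check that defines the CWE-22 class it names, written for this page and not taken from Synology's code. The directory layout and file names are constructed for the demo, and it needs PHP 8 for str_starts_with() and str_contains(). Unlike the WordPress examples on this page it runs with the plain php CLI.

```php
<?php
// Added example for this page, illustrating the CWE-22 class named in
// CVE-2023-41740. It is not Synology's code (the advisory gives no vectors);
// the directory layout and file names below are constructed for the demo.
// Requires PHP 8 (str_starts_with, str_contains). POSIX paths assumed.

function safe_read( string $base_dir, string $requested ): ?string {
    // Resolve the allowed root once and fail closed if it does not exist.
    $root = realpath( $base_dir );
    if ( false === $root ) {
        return null;
    }
    // Cheap rejections before touching the filesystem: NUL bytes (which
    // truncate paths in C APIs) and absolute paths.
    if ( str_contains( $requested, "\0" ) || str_starts_with( $requested, '/' ) ) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks, so the containment check
    // is made on the final on-disk location, not on the string the client
    // sent. The trailing separator also rejects the root directory itself.
    $target = realpath( $root . '/' . $requested );
    if ( false === $target || ! str_starts_with( $target, $root . DIRECTORY_SEPARATOR ) ) {
        return null;
    }
    return file_get_contents( $target );
}

// Self-check with a constructed directory tree.
$dir = sys_get_temp_dir() . '/traversal_demo_' . getmypid();
mkdir( $dir . '/public', 0700, true );
file_put_contents( $dir . '/public/hello.txt', 'ok' );
file_put_contents( $dir . '/secret.txt', 'outside the web root' );
$has_link = function_exists( 'symlink' ) && @symlink( $dir . '/secret.txt', $dir . '/public/link.txt' );

$cases = array(
    'hello.txt'            => 'ok', // plain file inside the root: allowed
    '../secret.txt'        => null, // classic traversal
    'sub/../../secret.txt' => null, // traversal through a bogus component
    '/etc/hostname'        => null, // absolute path
    "hello.txt\0.png"      => null, // NUL-byte truncation attempt
);
if ( $has_link ) {
    $cases['link.txt'] = null;      // symlink whose target escapes the root
}
foreach ( $cases as $path => $expected ) {
    if ( safe_read( $dir . '/public', $path ) !== $expected ) {
        throw new RuntimeException( 'unexpected result for ' . addcslashes( $path, "\0" ) );
    }
}

// Clean up the constructed tree.
if ( $has_link ) {
    unlink( $dir . '/public/link.txt' );
}
unlink( $dir . '/public/hello.txt' );
unlink( $dir . '/secret.txt' );
rmdir( $dir . '/public' );
rmdir( $dir );
echo "containment check held for every case\n";
```

The point the check makes is that string-level filtering of "../" is not the defence; resolving the path on disk and comparing the result with the resolved root is, because that comparison also covers symlinks and encoding tricks that a string filter never sees.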
▼ CVE-2023-41741 ▼
via "National Vulnerability Database".
Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors.
▼ CVE-2023-20900 ▼
via "National Vulnerability Database".
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in-the-middle (MITM) network positioning between vCenter server and the virtual machine may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations.
▼ CVE-2023-41739 ▼
via "National Vulnerability Database".
Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors.
▼ CVE-2023-41738 ▼
via "National Vulnerability Database".
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
📢 NCSC, SBU reveal overt Russian cyber campaign as cyber war continues to evolve 📢
via "ITPro".
Sandworm-linked threat actors gained access to battlefield tablets.
🔴 Adversaries Ride RocketMQ Bug to DreamBus Bot Resurgence 🔴
via "Dark Reading".
Last seen in 2021, the DreamBus Monero crypto bot is back and finding new life on vulnerable RocketMQ servers.
🔴 A Brief History of ICS-Tailored Attacks 🔴
via "Dark Reading".
It's on the cyber defenders to learn from the past and make industrial control system networks hostile to attackers.