uListing < 2.0.6 - Settings Update via CSRF
A Settings Update via CSRF vulnerability was discovered in the plugin. Missing WPNonce security tokens [ https://codex.wordpress.org/WordPress_Nonces ]. PoC: PoC #1 | CSRF | Main Settings Update: POST /wp-admin/admin-ajax.php HTTP/2 Host: example.com Cookie: [admin cookies] User-Agent: Mozilla/5.0...
AI Score: 0.2
GiveWP < 2.12.0 - Authenticated Stored XSS
The plugin did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them. PoC Put the following payload in any Donation Level Text field of a Donation Form (ie...
AI Score: 1.6
GiveWP < 2.12.0 - Authenticated Stored XSS
The plugin did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in...
AI Score: 0.5
WordPress Paytm plugin <= 1.3.2 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability discovered by Shreya Pohekar in WordPress Paytm plugin (versions <= 1.3.2). Solution This plugin has been closed as of June 3, 2021 and is not available for download. Reason: Security...
CVSS: 7.2
AI Score: 3.4
Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection
The plugin does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue PoC GET...
AI Score: 1.6
Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection
The plugin does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection...
AI Score: 1.8
A researcher discovered that it was possible to access a subset of livemode dashboard functionality without verifying the account's email address. The livemode functionality in question was disabled in the UI, but could be accessed on the backend. Following this report, Stripe performed an...
AI Score: 6.5
ID theft ghouls targeting Surfside victims is appalling, but no surprise
We’ve written at length about account compromise and identity theft, and how criminals will often hijack accounts belonging to dead people. In many ways, it’s the perfect crime for anyone indulging in social engineering. The amount of abandoned accounts due to death can only ever go up, and nobody....
AI Score: -0.4
Charitable - Donation Plugin < 1.6.51 - Unauthenticated Stored Cross-Site Scripting
While fixing an Authenticated Stored Cross-Site Scripting issue (https://wpscan.com/vulnerability/a5837621-ee6e-4876-9f65-82658fc0341f), the vendor identified another Cross-Site Scripting issue, which could be exploited by unauthenticated users and would be triggered in the context of a logged in.....
AI Score
Charitable - Donation Plugin < 1.6.51 - Unauthenticated Stored Cross-Site Scripting
While fixing an Authenticated Stored Cross-Site Scripting issue (https://wpscan.com/vulnerability/a5837621-ee6e-4876-9f65-82658fc0341f), the vendor identified another Cross-Site Scripting issue, which could be exploited by unauthenticated users and would be triggered in the context of a logged in.....
AI Score
Charitable – Donation Plugin < 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation...
AI Score: 0.7
Charitable – Donation Plugin < 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature. PoC 1. Go to /wp-admin/edit.php?post_type=donation 2. Add new donation 3. In the first or last name forms, add the XSS payload 4. Save and the XSS payload will be...
AI Score: 1.8
Unbreakable Enterprise kernel security update
[5.4.17-2102.203.5] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044344] [5.4.17-2102.203.4] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32974199] - Revert Allow mce to reset instead of panic on UE (William Roche) ...
CVSS: 7.8
AI Score: 0.1
Unbreakable Enterprise kernel-container security update
[5.4.17-2102.203.5] - rds/ib: move rds_ib_clear_irq_miss() to .h file (Manjunath Patil) [Orabug: 33044344] [5.4.17-2102.203.4] - rds/ib: recover rds connection from interrupt loss scenario (Manjunath Patil) [Orabug: 32974199] - Revert 'Allow mce to reset instead of panic on UE' (William...
CVSS: 7.8
AI Score: 0.1
Stripe: HTML Injection in the Invoice memos field
Summary: In customer invoices a memo field is vulnerable to HTML injection. So I can take over any victim's account with auto-save functionality through HTML injection. Basically, when we saved the login credential in our browser and tried to log in to the account, the browser automatically fills the...
AI Score: 7.5
Stripe: Email change or personal data change on the account.
@dk82hg found the email change flow on indiehackers.com was vulnerable to an insecure direct object reference (IDOR) which allowed an attacker to change the email associated with a user account to one they owned and ultimately take over a victim’s account in certain situations. A fix was shipped...
AI Score: 7
3 Takeaways From The 2021 VDBIR: It’s An Appandemic
VDBIR Overview “Appandemic” sounds a bit like “appendectomy.” From a societal standpoint, it’s almost as alarming — if not more so — as the surgical procedure is from a personal standpoint. Because in the midst of the global pandemic we’ve all experienced over the past year and a half, web...
AI Score
Musk-Themed '$SpaceX' Cryptoscam Invades YouTube Ads
YouTube fans have been swindled out of almost $1 million (and counting) thanks to an extremely convincing fake SpaceX crypto-coin campaign that uses a popular decentralized finance protocol called Uniswap. The scam is rearing its Elon-Musk-themed head in ads on YouTube that show up before and...
AI Score: -0.5
How Cyber Sleuths Cracked an ATM Shimmer Gang
In 2015, police departments worldwide started finding ATMs compromised with advanced new "shimming" devices made to steal data from chip card transactions. Authorities in the United States and abroad had seized many of these shimmers, but for years couldn't decrypt the data on the devices. This is....
AI Score: 7
User deposits can be turned into sponsors and then be stolen
Handle: cmichel. Vulnerability Details: When a user deposits to the treasury they first approve the contract and then call its deposit action which performs an ERC20.transferFrom. It's possible for an attacker to frontrun the final deposit transaction after the user approval and...
AI Score: 6.9
Stripe Payment Gateway for WooCommerce < 3.6.0 - Reflected Cross-Site Scripting (XSS)
The plugin did not sanitise or escape the page parameter before outputting back in an attribute, leading to a reflected Cross-Site Scripting...
AI Score: -0.2
Stripe Payment Gateway for WooCommerce < 3.6.0 - Reflected Cross-Site Scripting (XSS)
The plugin did not sanitise or escape the page parameter before outputting back in an attribute, leading to a reflected Cross-Site Scripting issue...
AI Score: 1
Reflected Cross-Site Scripting (XSS) vulnerability discovered in WordPress Stripe Payment Gateway for WooCommerce plugin (versions <= 3.5.9). Solution Update the WordPress Stripe Payment Gateway for WooCommerce plugin to the latest available version (at least...
AI Score: 2.3
AI Score: 5.3
EPSS: 0.001
AI Score: 6.4
EPSS: 0.001
@worker-tools/stripe-webhook is vulnerable to denial of service. The verifyHeader is not an async function in the webhook and causes an error to be thrown after the request has...
AI Score: 2.7
constructEvent does not verify header
Impact: Anyone verifying a Stripe webhook request via this library's constructEvent function. Patches: Upgrade to 1.1.4. Workarounds: Use await verifyHeader(...) directly instead of constructEvent. References...
AI Score: 1.5
constructEvent does not verify header
Impact: Anyone verifying a Stripe webhook request via this library's constructEvent function. Patches: Upgrade to 1.1.4. Workarounds: Use await verifyHeader(...) directly instead of constructEvent. References...
AI Score: 1.5
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.4 did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS...
CVSS: 4.8
AI Score: 4.8
EPSS: 0.001
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.4 did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS...
CVSS: 4.8
AI Score: 4.7
EPSS: 0.001
CVE-2021-24315 Give WP < 2.10.4 - Authenticated Stored Cross-Site Scripting (XSS)
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.4 did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS...
AI Score: 5.4
EPSS: 0.001
Cross-site Scripting (XSS) - Generic in utmsigep/member-directory
✍️ Description: Non-administrative functions display success banners after multiple actions that reflect user input directly without sanitization. 🕵️♂️ Proof of Concept: Donation Creation and Update; Donations - New Donation; enter XSS payloads into the fields Last Name, First Name and Receipt ID,...
AI Score: 1
DarkSide Suffers ‘Oh, Crap!’ Server Shutdowns
DarkSide, the ransomware-as-a-service (RaaS) gang that crippled Colonial Pipeline Co. a week ago, extorted around $5 million, and sent the fuel company a decryption tool that reportedly could barely limp through the process of unlocking files, has now been paralyzed itself. In the wee hours of...
AI Score: -0.6
Echelon PII Leak and Disclosure Fail
Echelon (Echelon Fitness) is a competitor to companies such as Peloton. You buy the hardware, quickly assemble it, buy a subscription, use a built-in or external smart device and you do your exercise thing! However, their API had significantly worse security flaws than those we found in Peloton....
AI Score: 6.6
DarkSide Wanted Money, Not Disruption from Colonial Pipeline Attack
Threat actors behind last week’s Colonial Pipeline ransomware attack that crippled a major U.S. oil pipeline said that financial gain–not political, economic or social disruption–is the goal of their nefarious activities, vowing to choose their targets more carefully in the future. Join...
AI Score: -0.2
Colonial Pipeline's Ransomware Attack Sparks Emergency Declaration
The Biden administration has declared a state of emergency that covers 17 states and Washington D.C. in the wake of the ransomware attack on the Colonial Pipeline Co., and is working with Colonial to restart operations. On Monday morning, FireEye also confirmed to Threatpost that it’s been called.....
AI Score: -0.2
Stripe: Object injection in `stripe-billing-typographic` GitHub project via /auth/login
Summary: It is possible to use an object injection failure to achieve a SQL injection, where the attacker uses the means to bypass authentication, requiring only a valid password within the database. The vulnerable code is: https://github.com/stripe/stripe-billing-typographic For a failure to occur,...
AI Score: 7.7
Give WP < 2.10.4 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS issues. Notes (WPScanTeam) - The original reporter mentioned the issue being fixed in 2.10.2, but we could still...
CVSS: 4.8
AI Score: 0.7
Give WP < 2.10.4 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS issues. Notes (WPScanTeam) - The original reporter mentioned the issue being fixed in 2.10.2, but we could still...
CVSS: 4.8
AI Score: 0.1
Easy Digital Downloads < 2.10.3 - Unauthorised Stripe Disconnect via CSRF
The plugin did not properly check for CSRF when disconnecting Stripe, allowing attackers to make logged in users with the manage_options capability disconnect the Stripe gateway via a CSRF attack. PoC...
AI Score: 2.8
Easy Digital Downloads < 2.10.3 - Unauthorised Stripe Disconnect via CSRF
The plugin did not properly check for CSRF when disconnecting Stripe, allowing attackers to make logged in users with the manage_options capability disconnect the Stripe gateway via a CSRF...
AI Score: 3.7
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors...
CVSS: 6.1
AI Score: 6
EPSS: 0.001
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors...
CVSS: 6.1
AI Score: 6
EPSS: 0.001
CVE-2021-24213 GiveWP < 2.10.0 - Reflected Cross Site Scripting (XSS)
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the 's' GET parameter on the Donors...
AI Score: 5.9
EPSS: 0.001
Behind GitHub’s new authentication token formats
We're excited to share a deep dive into how our new authentication token formats are built and how these improvements are keeping your tokens more secure. As we continue to focus on the security of our platform and services across the web, this update shows how big an impact simple changes can...
AI Score: -0.2
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context.....
CVSS: 7.8
AI Score: 7.3
EPSS: 0.001
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context.....
CVSS: 7.8
AI Score: 7.7
EPSS: 0.001
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context.....
CVSS: 7.8
AI Score: 7.7
EPSS: 0.001
CVE-2021-21420 Vulnerability in Stripe for Visual Studio Code < 1.7.3
vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context.....
AI Score: 7.8
EPSS: 0.001
Fraud Ring Launders Money Via Fake Charity Donations
A money-laundering fraud ring is targeting donation sites, taking advantage of the outpouring of charity sparked by the global pandemic. Dubbed Cart Crasher by the Sift security firm, the fraud ring leverages guest checkout options on donation sites to steal money and launder stolen payment cards.....
AI Score: -0.8