Accept Stripe Donation – AidWP Security Vulnerabilities

suse

Security update for trivy (moderate)

An update that fixes one vulnerability is now available. Description: This update for trivy fixes the following issues: trivy was updated to version 0.30.4: fix: remove the first arg when running as a plugin (#2595) fix: k8s controlplaner scanning (#2593) fix(vuln): GitLab report template...

9.1CVSS

-0.4AI Score

2022-08-06 12:00 AM
113
cve

CVE-2022-2260

The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the...

6.5CVSS

6.4AI Score

0.001EPSS

2022-08-01 01:15 PM
31
4
cve

CVE-2022-2215

The GiveWP WordPress plugin before 2.21.3 does not properly sanitise and escape the currency settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite...

4.8CVSS

4.7AI Score

0.001EPSS

2022-08-01 01:15 PM
44
4
suse

Security update for the Linux Kernel (important)

An update that solves 48 vulnerabilities, contains 26 features and has 202 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch...

8.2CVSS

0.9AI Score

2022-08-01 12:00 AM
185
osv

Malicious code in stripe-demo-connect-standard-saas-platform (npm)

Source: ghsa-malware (b5cafd56f9364c09c2668c7979765cad3c44a8090978dadf22d3806503bb661b) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-07-25 09:56 AM
1
suse

Security update for the Linux Kernel (important)

An update that solves 49 vulnerabilities, contains 26 features and has 207 fixes is now available. Description: The SUSE Linux Enterprise 15 SP4 kernel was updated. The following security bugs were fixed: CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch...

8.2CVSS

0.7AI Score

2022-07-22 12:00 AM
119
cnvd

WordPress plugin Accept Stripe Payments Cross-site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. Cross-site scripting vulnerabilities exist in versions of the WordPress plugin prior to Accept Stripe...

4.8CVSS

2.2AI Score

2022-07-19 12:00 AM
9
cve

CVE-2022-2117

The GiveWP plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to, and including, 2.20.2 via the /donor-wall REST-API endpoint which provides unauthenticated users with donor information even when the donor wall is not enabled. This functionality has been...

5.3CVSS

5AI Score

0.001EPSS

2022-07-18 05:15 PM
2236
4
cve

CVE-2022-2194

The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...

4.8CVSS

4.8AI Score

0.001EPSS

2022-07-17 11:15 AM
41
2
prion

Cross site scripting

The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...

4.8CVSS

4.8AI Score

0.001EPSS

2022-07-17 11:15 AM
3
cvelist

CVE-2022-2194 Accept Stripe Payments < 2.0.64 - Admin+ Stored Cross-Site Scripting

The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...

4.9AI Score

0.001EPSS

2022-07-17 10:37 AM
hackerone

Stripe: CSRF in Importing CSV files [app.taxjar.com]

Greetings! Basically, app.taxjar.com has a feature where we can import Transactions from CSV files. I've found that there is lack of CSRF protection in importing CSV documents. I was able to successfully craft a CSRF request. Steps to reproduce Go to app.taxjar.com Create two accounts. Alex and...

6.9AI Score

2022-07-15 01:02 PM
7
hackerone

Stripe: Mass account takeover!

@akashhamal0x01 discovered an Organization Owner could update the email address of a member of their organization in TaxJar. This could have allowed an attacker to take over a victim’s account if the victim belonged to the attacker’s organization. The vulnerability was caused by the ability to...

6.7AI Score

2022-07-12 07:31 AM
13
patchstack

WordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Read via Export function vulnerability

Authenticated Arbitrary File Read via Export function vulnerability discovered by Rafie Muhammad aka Yeraisci (Patchstack Alliance) in WordPress GiveWP plugin (versions <= 2.20.2). Solution Update the WordPress GiveWP plugin to the latest available version (at least...

4.9CVSS

4AI Score

2022-07-12 12:00 AM
13
patchstack

WordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Creation via Export function vulnerability

Authenticated Arbitrary File Creation via Export function vulnerability discovered by Rafie Muhammad aka Yeraisci (Patchstack Alliance) in WordPress GiveWP plugin (versions <= 2.20.2). Solution Update the WordPress GiveWP plugin to the latest available version (at least...

7.2CVSS

3.8AI Score

2022-07-12 12:00 AM
6
wpvulndb

GiveWP < 2.21.3 - DoS via CSRF

The plugin does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the database many times which leads to...

6.5CVSS

3.8AI Score

2022-07-11 12:00 AM
10
wpexploit

GiveWP < 2.21.3 - DoS via CSRF

The plugin does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the database many times which leads to...

6.5CVSS

1AI Score

2022-07-11 12:00 AM
224
patchstack

WordPress Accept Stripe Payments plugin <= 2.0.63 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by iohex in WordPress Accept Stripe Payments plugin (versions <= 2.0.63). Solution Update the WordPress Stripe Payments plugin to the latest available version (at least...

4.8CVSS

2.1AI Score

2022-06-27 12:00 AM
15
osv

Malicious code in stripe-samples (npm)

Source: ghsa-malware (eed5067e542e3a2fdea5c5b545e9cae51b61ab515bc883d8e743c28d6b31038f) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-20 08:23 PM
2
osv

Malicious code in firestore-stripe-payments-js (npm)

Source: ghsa-malware (30a954dab9c9b1ad5f59a18d120d64769401f36ce122fc130f6bd1e34286647e) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-20 08:21 PM
4
osv

Malicious code in vscode-stripe (npm)

Source: ghsa-malware (d1d0c32db564ed63889f6b2cbab203b6f3cf1d7b3a76bdc5c32e8637ba4e8a62) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-20 08:21 PM
2
osv

Malicious code in stripe-sample-checkout-with-multiple-locales (npm)

Source: ghsa-malware (1a5127c9b20f47a124652e677f9daad7de2b92db74de80d7159546e92c175584) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-20 08:18 PM
3
osv

Malicious code in stripe-identity-react-native (npm)

Source: ghsa-malware (b5745048e2b6cbb598d400a01404828533cdfe3202554f269418b9a1b12205e6) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-20 08:08 PM
4
cve

CVE-2022-1610

The Seamless Donations WordPress plugin before 5.1.9 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF...

6.5CVSS

6.3AI Score

0.001EPSS

2022-06-20 11:15 AM
49
7
krebs

Adconion Execs Plead Guilty in Federal Anti-Spam Case

At the outset of their federal criminal trial for hijacking vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct (now Amobee) have pleaded guilty to lesser misdemeanor charges of fraud and...

0.1AI Score

2022-06-11 12:04 AM
17
thn

Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users

Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds. "As cryptocurrency and non-fungible tokens (NFTs) become more mainstream, and...

0.8AI Score

2022-06-10 09:10 AM
13
cnvd

WordPress WP Fundraising Donation and Crowdfunding Platform SQL Injection Vulnerability

WordPress and others are products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. crow and others are open source products. crow is a C micro framework for running Web services. WordPress WP...

9.8CVSS

2.7AI Score

2022-06-09 12:00 AM
11
prion

Sql injection

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of its REST routes, leading to an SQL injection exploitable by unauthenticated...

9.8CVSS

9.8AI Score

0.036EPSS

2022-06-08 10:15 AM
3
cve

CVE-2022-0788

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of its REST routes, leading to an SQL injection exploitable by unauthenticated...

9.8CVSS

9.8AI Score

0.04EPSS

2022-06-08 10:15 AM
64
6
osv

Malicious code in stripe-ms (npm)

Source: ghsa-malware (6768625a605caa8f499ca468486f47122cb94054148e3489c677ca9fb25edc28) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-08 08:43 AM
4
malwarebytes

FBI warns of scammers soliciting donations for Ukraine

The FBI recently issued an announcement about a fraudulent scheme that proves there is no low that's too low for scammers. "Criminal actors are taking advantage of the crisis in Ukraine by posing as Ukrainian entities needing humanitarian aid or developing fundraising efforts, including monetary...

0.9AI Score

2022-06-06 09:31 PM
9
cvelist

CVE-2022-0788 WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi

The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of its REST routes, leading to an SQL injection exploitable by unauthenticated...

9.8AI Score

0.04EPSS

2022-06-06 08:50 AM
2
osv

Malicious code in stripe-connect-rocketrides (npm)

Source: ghsa-malware (7e97a2c94dcfd44ffb0f5732e910f9abf4e1c2e2d188c646dfb13cb8fd1c4eef) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-05-31 01:36 PM
2
code423n4

First pool depositor can break minting of shares

Lines of code Vulnerability details Impact First depositor of the pool can break minting of the Bath Token shares Proof of Concept An attacker (who is the first one to deposit) sends 1 wei and bypasses the (totalSupply == 0) condition. Later a very large amount of donation to the pool inflates...

6.7AI Score

2022-05-28 12:00 AM
code423n4

First depositor can break minting of shares

Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept In BathToken.sol:569-571, the...

6.8AI Score

2022-05-28 12:00 AM
2
wpexploit

Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRF

The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF...

6.5CVSS

0.4AI Score

2022-05-26 12:00 AM
79
hackerone

Stripe: Mass Account Takeover at https://app.taxjar.com/ - No user Interaction

@beerboy_ankit discovered an IDOR in the user invite link in Taxjar. This could have allowed an attacker to take over a user's account. The vulnerability was caused by a leaked token in the delete invitation request feature and resolved by using the invitation ID instead of the token to look up...

6.7AI Score

2022-05-25 05:10 PM
19
thn

How Secrets Lurking in Source Code Lead to Major Breaches

If one word could sum up the 2021 infosecurity year (well, actually three), it would be these: "supply chain attack". A software supply chain attack happens when hackers manipulate the code in third-party software components to compromise the 'downstream' applications that use them. In 2021, we...

0.2AI Score

2022-05-25 12:21 PM
17
github

Smokescreen SSRF via deny list bypass (square brackets)

Impact The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs....

6.4AI Score

0.001EPSS

2022-05-24 10:04 PM
17
osv

Smokescreen SSRF via deny list bypass (square brackets)

Impact The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs....

6.5CVSS

2AI Score

0.001EPSS

2022-05-24 10:04 PM
16
hackerone

Stripe: Bypassing domain deny_list rule in Smokescreen via double brackets [[]] which leads to SSRF

@sim4n6 discovered a bypass of the domain deny_list rule in github.com/stripe/smokescreen using double brackets. This could have led to a server-side request forgery (SSRF) vulnerability for users of smokescreen. The vulnerability was caused by only stripping one set of brackets before processing...

6.9AI Score

2022-05-24 07:43 PM
10
github

Eight years of the GitHub Security Bug Bounty program

GitHub celebrated yet another record breaking year for our Security Bug Bounty Program in 2021! We’re excited to announce that we recently passed $2,000,000 in total payments to researchers, just two years after we crossed the $1,000,000 mark in 2019. Within the last year, we have paid out over...

6.5CVSS

-0.6AI Score

2022-05-23 05:54 PM
14
veracode

Server-Side Request Forgery (SSRF)

github.com/stripe/smokescreen is vulnerable to server-side request forgery. The vulnerability exists in BuildProxy and handleConnect functions in smokescreen.go due to the deny list option that smokescreen offers which allows an attacker to bypass the deny list...

6.5CVSS

6.3AI Score

0.001EPSS

2022-05-23 09:33 AM
10
osv

CVE-2022-29188

Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to...

6.5CVSS

6.8AI Score

0.001EPSS

2022-05-21 12:15 AM
3
prion

Server side request forgery (ssrf)

Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to...

6.5CVSS

6.5AI Score

0.001EPSS

2022-05-21 12:15 AM
4
cve

CVE-2022-29188

Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to...

6.5CVSS

6.5AI Score

0.001EPSS

2022-05-21 12:15 AM
49
4
hackerone

Stripe: Limited path traversal in Node.js SDK leads to PII disclosure

Summary: It is possible to use . and .. as identifier in all API methods, which leads to calling the parent api method. Next, I will describe the problem using checkout sessions as an example, because it is the most basic one. However, other methods are also vulnerable to this problem. For...

7.1AI Score

2022-05-18 09:15 PM
5
malwarebytes

College closes down after ransomware attack

Lincoln College, one of the few rural schools in Illinois, said that it will permanently close on Friday, May 13, after 157 years, partly due to the impacts of the COVID-19 pandemic and partly due to a long recovery after a ransomware attack in December 2021. The institution notified the Illinois...

0.6AI Score

2022-05-12 10:21 AM
10
patchstack

WordPress WP Fundraising Donation and Crowdfunding Platform plugin < 1.5.0 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection (SQLi) vulnerability discovered by cydave in WordPress WP Fundraising Donation and Crowdfunding Platform plugin (versions < 1.5.0). Solution Update the WordPress WP Fundraising Donation and Crowdfunding Platform plugin to the latest available version (at...

9.8CVSS

3.3AI Score

2022-05-11 12:00 AM
10
cnvd

WordPress plugin Metform information leakage vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Metform is vulnerable to an information disclosure vulnerability, which stems from...

7.5CVSS

0.1AI Score

2022-05-11 12:00 AM
14
Total number of security vulnerabilities: 980