WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi
The plugin does not sanitise and escape a parameter before using it in a SQL statement via one of its REST routes, leading to an SQL injection exploitable by unauthenticated users. PoC: curl 'https://example.com/index.php?rest_route=/xs-donate-form/payment-redirect/3' \ --data '{"id": "(SELECT 1...
9.8 CVSS
3.5 AI Score
The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe,...
7.5 CVSS
7.3 AI Score
0.043 EPSS
Tomcat Servlet Examples were accessible from the internet. This report demonstrated that it was possible to disclose IP addresses of internal application...
6.8 AI Score
Fake USA for UNHCR site wants your Ukraine donations in Bitcoin
Since Russia began invading Ukraine in late February, many organizations have set up donation pages to aid the most heavily affected: Families who were forced out of their homes due to bombings and children separated from grown-ups who decided to stay and take arms. We've also seen a considerable.....
-0.3 AI Score
Elon Musk-themed cryptocurrency scam uses fake Medium as the promotion site
So Elon Musk is buying Twitter, and you can be sure that scammers are making the most of this news. As Elon Musk spends most of the week in the headlines, so pop up Elon Musk-themed scams—and it looks like they may be ramping up. We witnessed a flurry of replies from the man himself in response...
-0.4 AI Score
The Donorbox WordPress plugin before 7.1.7 does not sanitise and escape its Campaign URL settings before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is...
4.8 CVSS
4.8 AI Score
0.001 EPSS
A week in security (April 18 – 24)
Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploads; North Korean Lazarus APT group targets blockchain tech companies; Watch out for Ukraine donation scammers in Twitter replies; Beware tragic “my daughter died…” Facebook posts offering free PS5s; US warns of APT groups.....
0.8 AI Score
Metform Elementor Contact Form Builder < 2.1.4 - Unauthenticated API keys and Secrets Disclosure
The plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file, which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs such as PayPal, Stripe, Mailchimp, Hubspot, HelpScout,...
7.5 CVSS
1.2 AI Score
The fake Elon Musk Bitcoin giveaway marathon will NOT make you rich
Today we look at a fakeout which begins with Elon Musk, and ends with a trip to Mars (or, if you're really lucky, the Sun). One of the most annoying “features” of Twitter is being added to lists without permission. It's a theoretically useful way to keep track of certain topics. It’s often also...
-0.2 AI Score
Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an.....
5.3 CVSS
6.9 AI Score
0.001 EPSS
Server-side request forgery (SSRF)
Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an.....
5.3 CVSS
5.3 AI Score
0.001 EPSS
Watch out for Ukraine donation scammers in Twitter replies
The invasion of Ukraine has been a money making opportunity for scammers since the moment it began: Fake donation sites, bogus Red Cross portals, phishing pages, the works. These scams can also be found on social media. Faking donations on Twitter Some users of social media have become very...
0.2 AI Score
Bypass Protection For Server-side Request Forgery (SSRF)
github.com/stripe/smokescreen is vulnerable to bypass protection for server-side request forgery. Appending a dot to the end of user-supplied URLs, or providing input in a different letter case, allows an attacker to bypass the deny list feature of the...
5.3 CVSS
3.8 AI Score
Multiple Plugins from Cool Plugins - Subscriber+ Arbitrary Plugin Installation & Activation
Multiple plugins from the Cool Plugins vendor are missing capability and CSRF checks in the cool_plugins_install and cool_plugins_activate AJAX actions, which are available to any authenticated user, allowing them to install and activate arbitrary plugins via an archive hosted on a remote server they....
4.5 AI Score
yVault: First depositor can break minting of shares
Vulnerability details: The attack vector and impact are the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept: Attacker deposits 1 wei to mint 1...
6.7 AI Score
Smokescreen SSRF via deny list bypass
The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way....
5.3 CVSS
2.8 AI Score
0.001 EPSS
Beware Ukraine-themed fundraising scams
Unfortunately, scammers continue to focus on the invasion of Ukraine to make money. A flurry of bogus domains and scam techniques are spreading their wings. They appear to focus on donation fakeouts, but there are a few other nasty surprises lying in wait too. The lowest of the low: There are few lower....
0.4 AI Score
Arbitrary Plugin Activation vulnerability discovered by Jerome Bruandet (NinTechNet) in WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin (versions <= 1.7). Solution: Update the WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin to the...
3.2 AI Score
Arbitrary Plugin Installation vulnerability discovered by Jerome Bruandet (NinTechNet) in WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin (versions <= 1.7). Solution: Update the WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations plugin to the...
3.4 AI Score
The Smokescreen proxy is an open source project written and maintained by Stripe to restrict the URLs that internal services can connect to. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of our...
6.5 CVSS
6.3 AI Score
0.001 EPSS
Donorbox < 7.1.7 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape its Campaign URL settings before outputting them in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed. PoC: Put the following payload in the Campaign URL settings of the plugin:...
4.8 CVSS
1 AI Score
LAZYPARIAH - A Tool For Generating Reverse Shell Payloads On The Fly
A low-dependency command-line tool for generating reverse shell payloads on the fly. Description: LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse...
0.9 AI Score
WordPress Donorbox plugin <= 7.1.6 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting (XSS) vulnerability was discovered by Hassan Khan Yusufzai (Splint3r7) in the WordPress Donorbox plugin (versions <= 7.1.6). Solution: Update the WordPress Donorbox plugin to the latest available version (at least...
1 AI Score
First depositor can break minting of shares
Vulnerability details: The attack vector and impact are the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept: Attacker deposits 2 wei (so that it...
6.7 AI Score
WordPress Accept Stripe Payments plugin <= 2.0.53 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Accept Stripe Payments plugin (versions <= 2.0.53). Solution: Update the WordPress Accept Stripe Payments plugin to the latest available version (at least...
2.6 AI Score
Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers
Looking to cyber-hassle Russia, Ukrainian sympathizers? Be careful — malware is making the rounds, disguised as a pro-Ukraine cyber-tool that will turn around and bite you instead, researchers are warning. In a Wednesday threat advisory, Cisco Talos described a campaign it’s observed in which a...
10 CVSS
Code injection in Stripe CLI on Windows
Impact: A vulnerability in Stripe CLI exists on Windows when certain commands are run in a directory where an attacker has planted files. The commands are stripe login, stripe config -e, stripe community, and stripe open. macOS and Linux are unaffected. An attacker who successfully exploits the...
3 AI Score
0.0004 EPSS
github.com/stripe/stripe-cli is vulnerable to arbitrary code execution. An attacker can inject and execute malicious commands through the stripe login, stripe config -e, stripe community, and stripe open in...
7 CVSS
4.6 AI Score
Stripe CLI is a command-line tool for the Stripe eCommerce platform. A vulnerability in Stripe CLI exists on Windows when certain commands are run in a directory where an attacker has planted files. The commands are stripe login, stripe config -e, stripe community, and stripe open. macOS and Linux....
7 CVSS
7.3 AI Score
0.0004 EPSS
CVE-2022-24753 Code injection in Stripe CLI on Windows
Stripe CLI is a command-line tool for the Stripe eCommerce platform. A vulnerability in Stripe CLI exists on Windows when certain commands are run in a directory where an attacker has planted files. The commands are stripe login, stripe config -e, stripe community, and stripe open. macOS and Linux....
7.1 AI Score
0.0004 EPSS
When fake dating profiles try the military approach
I’ve run into many romance scams over the years. You’ll find them lurking on social media, instant messaging, chatrooms/forums, and many more besides. They’re particularly popular during times of war or natural disaster, as they often dovetail into donation and charity scams. The icing on the cake....
Security update for the Linux Kernel (important)
An update that solves 6 vulnerabilities, contains three features and has 56 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bug fixes. Transient execution side-channel attacks attacking the Branch History Buffer...
7.8 CVSS
-0.3 AI Score
Security update for the Linux Kernel (important)
An update that solves 6 vulnerabilities, contains three features and has 50 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bug fixes. Transient execution side-channel attacks attacking the Branch History Buffer...
7.8 CVSS
-0.3 AI Score
Osmedeus - A Workflow Engine For Offensive Security
A Workflow Engine For Offensive Security. Installation: NOTE that you need some essential tools like curl, wget, git and zip, and to log in as root, to start: bash -c "$(curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install.sh)" Build the engine from source: Make sure you...
-0.1 AI Score
donation-tracker.de Improper Access Control vulnerability OBB-2410129
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
0.1 AI Score
Don’t fall for the “Donate to help children in Ukraine” scam
Earlier this week, we spotted a Microsoft sign-in phish that appeared to be taking advantage of the Ukraine crisis in order to scam people. The email warned of unauthorized log in attempts to the recipient's account, and the location of those attempts was listed as "Russia/Moscow". We probably...
0.2 AI Score
Unauthorised AJAX Calls via Freemius
The plugins and themes use an insecure version of the Freemius Framework, which lacks CSRF and/or authorisation checks in some of its AJAX actions. As a result, any authenticated user, such as a subscriber, could access the debug logs. Unauthenticated attackers could also make a logged-in admin toggle....
2.7 AI Score
WordPress Stripe Express plugin < 1.7.7 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Stripe Express plugin (versions < 1.7.7). Solution: Update the WordPress Stripe Express plugin to the latest available version (at least...
2 AI Score
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress China Payments plugin (versions <= 2.3.6). Solution: Update the WordPress China Payments plugin to the latest available version (at least...
4.2 AI Score