BD Alarisâ„¢ Guardrailsâ„¢ Editor Security Vulnerabilities

CVE-2024-32488

In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files...

Kruxton 1.0 Shell Upload

...

CVE-2024-31262

Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce Checkout Field Editor (Checkout Manager).This issue affects WooCommerce Checkout Field Editor (Checkout Manager): from n/a through...

CVE-2024-31262

Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce Checkout Field Editor (Checkout Manager).This issue affects WooCommerce Checkout Field Editor (Checkout Manager): from n/a through...

CVE-2024-31262 WordPress WooCommerce Checkout Field Editor (Checkout Manager) plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce Checkout Field Editor (Checkout Manager).This issue affects WooCommerce Checkout Field Editor (Checkout Manager): from n/a through...

Gutenverse < 1.9.1 - Contributor+ Stored XSS

Description The plugin does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC As a contributor, put the below code....

Carousel Slider < 2.2.10 - Editor+ Stored XSS

Description The plugin does not validate and escape some of its Slide options before outputting them back in the page/post where the related Slide shortcode is embed, which could allow users with the Editor role and above to perform Stored Cross-Site Scripting attacks PoC As an Editor, create/edit....

Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE < 2.6.9 - Contributor+ Stored Cross-Site Scripting via Block Attributes

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE < 2.6.9 - Author+ Stored XSS via SVG Upload

Description The plugin is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject...

Carousel Slider < 2.2.10 - Editor+ Stored XSS

Description The plugin does not validate and escape some of its Slide options before outputting them back in the page/post where the related Slide shortcode is embed, which could allow users with the Editor role and above to perform Stored Cross-Site Scripting...

Gutenverse < 1.9.1 - Contributor+ Stored XSS

Description The plugin does not validate the htmlTag option in various of its block before outputting it back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 193 vulnerabilities disclosed in 154...

CVE-2024-3344

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-3344

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-3343

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied...

CVE-2024-3343

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied...

CVE-2024-3343

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping on user supplied...

CVE-2024-3344

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG file upload in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for...

WooCommerce Checkout Field Editor (Checkout Manager) < 2.1.9 - Cross-Site Request Forgery

Description The WooCommerce Checkout Field Editor (Checkout Manager) plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.8. This is due to missing or incorrect nonce validation on the save_options() function. This makes it possible for...

Profile Builder < 3.11.3 - Restricted Email Bypass

Description The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to restricted email domain bypass in all versions up to, and including, 3.11.2. This makes it possible for unauthenticated attackers to register with emails....

CVE-2024-31988

XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by....

CVE-2024-31988

XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by....

CVE-2024-31988

XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by....

CVE-2024-31988 XWiki Platform CSRF remote code execution through the realtime HTML Converter API

XWiki Platform is a generic wiki platform. Starting in version 13.9-rc-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, when the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by....

CVE-2024-31430

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional:....

CVE-2024-31430

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional:....

CVE-2024-31430 Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional:....

XWiki Platform remote code execution from account through UIExtension parameters

Impact Parameters of UI extensions are always interpreted as Velocity code and executed with programming rights. Any user with edit right on any document like the user's own profile can create UI extensions. This allows remote code execution and thereby impacts the confidentiality, integrity and...

XWiki Platform remote code execution from account through UIExtension parameters

Impact Parameters of UI extensions are always interpreted as Velocity code and executed with programming rights. Any user with edit right on any document like the user's own profile can create UI extensions. This allows remote code execution and thereby impacts the confidentiality, integrity and...

XWiki Platform CSRF remote code execution through the realtime HTML Converter API

Impact When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user to either visit a crafted URL or to view an image with this URL that could be in a comment, the...

XWiki Platform CSRF remote code execution through the realtime HTML Converter API

Impact When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user to either visit a crafted URL or to view an image with this URL that could be in a comment, the...

XWiki Platform: Privilege escalation (PR) from user registration through PDFClass

Impact Remote code execution is possible via PDF export templates. To reproduce on an installation, register a new user account with username PDFClass if XWiki.PDFClass does not exist. On XWiki.PDFClass, use the class editor to add a "style" property of type "TextArea" and content type "Plain...

XWiki Platform: Privilege escalation (PR) from user registration through PDFClass

Impact Remote code execution is possible via PDF export templates. To reproduce on an installation, register a new user account with username PDFClass if XWiki.PDFClass does not exist. On XWiki.PDFClass, use the class editor to add a "style" property of type "TextArea" and content type "Plain...

Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core

WordPress 6.5.2 was released yesterday, on April 9, 2024. It included a single security patch, along with a handful of bug fixes. The security patch was for a Stored Cross-Site Scripting vulnerability that could be exploited by both unauthenticated users, when a comment block is present on a page,....

[SECURITY] Fedora 38 Update: emacs-29.3-1.fc38

Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for X...

WP < 6.5.2 - Unauthenticated Stored XSS

Description WordPress does not escape the Author name of its Avatar block when some settings are enabled, leading to Stored Cross-Site Scripting. In a default setup, contributor and above users could perform such attack. However, if the blog is using the mentioned settings in the comment template,....

ROS-20240410-15

A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of...

WP < 6.5.2 - Unauthenticated Stored XSS

Description WordPress does not escape the Author name of its Avatar block when some settings are enabled, leading to Stored Cross-Site Scripting. In a default setup, contributor and above users could perform such attack. However, if the blog is using the mentioned settings in the comment template,....

Carousel Slider < 2.2.7 - Editor+ Stored Cross-Site Scripting

Description The plugin is vulnerable to Reflected Cross-Site Scripting via the Slides Per View parameter in all versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

JVN#70977403: Multiple vulnerabilities in a-blog cms

a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in Entry editing pages (CWE-79) CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2024-30419 Server-side request forgery (CWE-918)...

CVE-2024-2693

The Link Whisper Free plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.7.1 via deserialization of untrusted input of the 'mfn-page-items' post meta value. This makes it possible for authenticated attackers, with contributor-level access and above,.....

CVE-2024-2693

The Link Whisper Free plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.7.1 via deserialization of untrusted input of the 'mfn-page-items' post meta value. This makes it possible for authenticated attackers, with contributor-level access and above,.....

CVE-2024-2344

The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted...

CVE-2024-2344

The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted...

CVE-2024-2226

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This...

CVE-2024-2226

The Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id parameter in the google-map block in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping. This...

CVE-2024-0598

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message settings in all versions up to and including 3.2.17 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-0598

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message settings in all versions up to and including 3.2.17 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-2344

The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted...

CVE-2024-0598

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message settings in all versions up to and including 3.2.17 due to insufficient input sanitization and output escaping. This makes it possible for...