Countdown, Coming Soon, Maintenance – Countdown & Clock Security Vulnerabilities

$937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On February 25th, 2024, during our second Bug Bounty...

April 9, 2024-KB5036620 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2

April 9, 2024-KB5036620 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2 Release Date: April 9, 2024 Version: .NET Framework 3.5 and 4.8.1 The April 9, 2024 update for Windows 11, version 22H2 and Windows 11, version 23H2 includes...

April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447)

April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447) 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise and Education editions. Home and Pro editions of version 22H2 will...

April 9, 2024-KB5036609 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

April 9, 2024-KB5036609 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016 Release Date: April 9, 2024 Version: .NET Framework 4.8 The April 9, 2024 update for Windows 10, version 1607 and Windows Server 2016 includes security and cumulative reliability...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12271)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12271 advisory. [5.4.17-2136.330.7.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan...

April 9, 2024-KB5036617 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2

April 9, 2024-KB5036617 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 Release Date: April 9, 2024 Version: .NET Framework 3.5 and 4.8.1 The April 9, 2024 update for Microsoft server operating system, version 23H2 includes security and...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6724-1)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6724-1 advisory. Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12272)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12272 advisory. [5.15.0-205.149.5.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug:...

CVE-2024-22423

yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...

WordPress 6.0 < 6.5.2

WordPress versions 6.0 &lt; 6.5.2 are affected by one or more...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2024:1102-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1102-1 advisory. Information exposure through microarchitectural state after transient execution from some...

Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said.....

CVE-2023-52388

Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect...

CVE-2023-52388

Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect...

CVE-2023-52388

Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulnerability will affect...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1509)

The remote host is missing an update for the Huawei...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.330.7.1.el7] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate...

Unbreakable Enterprise kernel security update

[5.15.0-205.149.5.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Enumerate Branch...

Unbreakable Enterprise kernel security update

[5.4.17-2136.330.7.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.330.7.1.el8] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate...

Unbreakable Enterprise kernel security update

[4.14.35-2047.535.2.1] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [Orabug: 36467681] {CVE-2024-1086} [4.14.35-2047.535.2] - Fix null ptr in rds_tcp_recv_path (Allison Henderson) [Orabug: 33499812] - LTS version: v4.14.338 (Saeed Mirzamohammadi) - crypto:...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-1509)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue...

My Maintenance Policy

I wrote a short document describing how I maintain open source projects, to link it from my global CODE_OF_CONDUCT, CONTRIBUTING, and SECURITY files. It talks about how I prefer issues to PRs, how I work in batches, and how I'm trigger-happy with bans. It's all about setting expectations. It got...

Security Bulletin: There is a vulnerability in Amazon Ion used by IBM Maximo Asset Management application (CVE-2024-21634)

Summary There is a vulnerability in Amazon Ion used by IBM Maximo Asset Management application. Vulnerability Details ** CVEID: CVE-2024-21634 DESCRIPTION: **Amazon Ion is vulnerable to a denial of service, caused by a stack-based overflow in ion-java for applications. By sending a specially...

Security Bulletin: There is a vulnerability in HTTP/2 protocol used by Netty on IBM Maximo Asset Management application (CVE-2023-44487)

Summary There is a vulnerability in HTTP/2 protocol used by Netty on IBM Maximo Asset Management application. Vulnerability Details ** CVEID: CVE-2023-44487 DESCRIPTION: **Multiple vendors are vulnerable to a denial of service, caused by a flaw in handling multiplexed streams in the HTTP/2...

$657 Bounty Awarded for Arbitrary File Upload Patched in WEmanage App Worker WordPress Plugin

On February 1st, 2024, during our Bug Bounty Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in Management App for WooCommerce, a WordPress plugin with 1,000+ active installations. This vulnerability makes it possible for authenticated users such as subscribers...

CVE-2024-3321

A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-3321

A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-3321 SourceCodester eLearning System Maintenance Module cross site scripting

A vulnerability classified as problematic has been found in SourceCodester eLearning System 1.0. This affects an unknown part of the component Maintenance Module. The manipulation of the argument Subject Code/Description leads to cross site scripting. It is possible to initiate the attack...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 25, 2024 to March 31, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 405 vulnerabilities disclosed in 320...

Security Bulletin: Denial of service vulnerability in Johnzon affects IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details ** CVEID: CVE-2023-33008 DESCRIPTION: **Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON...

What’s New in Rapid7 Products & Services: Q1 2024 in Review

We kicked off 2024 with a continued focus on bringing security professionals (which if you're reading this blog, is likely you!) the tools and functionality needed to anticipate risks, pinpoint threats, and respond faster with confidence. Below we’ve highlighted some key releases and updates from.....

Chiasmodon - An OSINT Tool Designed To Assist In The Process Of Gathering Information About A Target Domain

Chiasmodon is an OSINT (Open Source Intelligence) tool designed to assist in the process of gathering information about a target domain. Its primary functionality revolves around searching for domain-related data, including domain emails, domain credentials (usernames and passwords), CIDRs...

CVE-2024-1418

The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is...

CVE-2024-1418

The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is...

CVE-2024-1418

The CGC Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2 via the REST API. This makes it possible for unauthenticated attackers to view protected posts via REST API even when maintenance mode is...

CVE-2024-2803

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-2803

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-2803

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-26711

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4130: zero-initialize clock init data The clk_init_data struct does not have all its members initialized, causing issues when trying to expose the internal clock on the CLK pin. Fix this by zero-initializing the...

ElementsKit Elementor addons < 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

Description The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the countdown widget in all versions up to, and including, 3.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CMP – Coming Soon & Maintenance < 4.1.11 - Authenticated (Admin+) Server-Side Request Forgery

Description The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.10. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests.....

CVE-2024-31210

WordPress is an open publishing platform for the Web. It's possible for a file of a type other than a zip file to be submitted as a new plugin by an administrative user on the Plugins -&gt; Add New -&gt; Upload Plugin screen in WordPress. If FTP credentials are requested for installation (in order ...

Finale Lite < 2.18.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation and Activation

Description The Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 2.18.0. This makes it possible for authenticated attackers, with...

Gutenberg Blocks by Kadence Blocks – Page Builder Features < 3.2.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown and CountUp Widget

Description The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown and CountUp Widget in all versions up to, and including, 3.2.31 due to insufficient input sanitization and output escaping on user supplied....

CVE-2024-30255

A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which...

Google Chrome gets &#8216;Device Bound Session Credentials&#8217; to stop cookie theft

Google has announced the introduction of Device Bound Session Credentials (DBSC) to secure Chrome users against cookie theft. In January we reported how hackers found a way to gain unauthorized access to Google accounts, bypassing multi-factor authentication (MFA), by stealing authentication...

CVE-2024-31309

A vulnerability was found in how Apache Traffic Server implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable...

CVE-2024-28182

A vulnerability was found in how nghttp2 implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which...

CVE-2024-27983

A vulnerability was found in how Node.js implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated, remote attacker to send packets to vulnerable servers, which...