Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki...
7.5AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 8, 2024 to January 14, 2024)
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 67 vulnerabilities disclosed in 60 WordPress Plugins and no WordPress themes that have been added to the Wordfence...
9.8CVSS
9.2AI Score
0.043EPSS
How CISOs’ Roles – and Security Operations – Will Change in 2024
It’s fair to say that 2023 was a turning point for the cybersecurity industry, and no one felt it more than the CISO. From the onslaught of ransomware and zero-day attacks, to the SEC’s new reporting rules, and added to technological innovation and sprawl, CISOs have never been under more pressure....
7.5AI Score
Description The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom meta output in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for....
5.9AI Score
0.0004EPSS
Dark web threats and dark market predictions for 2024
An overview of last year's predictions Increase in personal data leaks; corporate email at risk A data leakage is a broad term encompassing various types of information that become publicly available, or published for sale on the dark web or other shadow web sites. Leaked information may...
7.2AI Score
The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post...
6.1CVSS
6.3AI Score
0.001EPSS
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details...
5.3CVSS
5.3AI Score
0.001EPSS
The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post...
6.1CVSS
6.3AI Score
0.001EPSS
The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post...
6.6AI Score
0.001EPSS
CVE-2024-0235 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the...
5.5AI Score
0.005EPSS
CVE-2024-0233 EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...
6.2AI Score
0.0005EPSS
CVE-2023-6005 EventON (Free < 2.2.7, Premium < 4.5.5) - Admin+ Stored Cross-Site Scripting
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for...
4.7AI Score
0.0004EPSS
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for...
5.8AI Score
0.001EPSS
The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details...
5.6AI Score
0.001EPSS
On December 11, 2023, we added an Unauthenticated Stored XSS vulnerability in the Popup Builder WordPress plugin to our Wordfence Intelligence Vulnerability Database. This vulnerability, which was originally reported by WPScan, allows an unauthenticated attacker to inject arbitrary JavaScript that....
6.4AI Score
quantum-computing.cioreview.com Cross Site Scripting vulnerability OBB-3834169
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 1, 2024 to January 7, 2024)
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 85 vulnerabilities disclosed in 74 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence...
9.8CVSS
10AI Score
0.091EPSS
9.8CVSS
7.1AI Score
0.001EPSS
Atomic Stealer rings in the new year with updated version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users. This stealer has proven to be quite popular in the criminal underground and its developers have been adding new features to justify its hefty...
7.6AI Score
Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin
On December 14th, 2023, during our Bug Bounty Program Holiday Bug Extravaganza, we received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability makes it possible for unauthenticated threat actors....
9.8CVSS
7.3AI Score
0.043EPSS
EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
Description The plugins do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog PoC To get the administrator user emails: curl -X POST --data '_user_role=administrator'...
5.3CVSS
5.3AI Score
0.005EPSS
EventON (Free < 2.2.9, Premium < 4.5.9) - Unauthenticated Virtual Event Settings Update
Description The plugins do not have authorisation and CSRF in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details...
5.3CVSS
5.4AI Score
0.001EPSS
EventON (Free < 2.2.9, Premium < 4.5.9) - Unauthenticated Virtual Event Settings Update
Description The plugins do not have authorisation and CSRF in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc PoC To set the Meeting URL to https://attacker.com/ on the Virtual Event with ID 240: curl -X POST...
5.3CVSS
5.3AI Score
0.001EPSS
EventON (Free < 2.2.7, Premium < 4.5.5) - Admin+ Stored Cross-Site Scripting
Description The plugin does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). PoC 1. Go to the EventON Lite...
4.8CVSS
4.7AI Score
0.0004EPSS
EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS
Description The plugins do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...
6.1CVSS
6.1AI Score
0.0005EPSS
EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update
Description The plugins do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata. Note: Such issue could lead to Unauthenticated Stored XSS due to the lack of sanitisation in.....
6.1CVSS
6.2AI Score
0.001EPSS
EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
Description The plugins do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the...
5.3CVSS
5.4AI Score
0.005EPSS
EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS
Description The plugins do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code...
6.1CVSS
6.1AI Score
0.0005EPSS
EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update
Description The plugins do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata. Note: Such issue could lead to Unauthenticated Stored XSS due to the lack of sanitisation in.....
6.1CVSS
5.9AI Score
0.001EPSS
EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure
Description The plugins do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for Zoom) PoC curl -X POST --data "eid=240"...
5.3CVSS
5.5AI Score
0.001EPSS
EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure
Description The plugins do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for...
5.3CVSS
5.6AI Score
0.001EPSS
EventON (Free < 2.2.7, Premium < 4.5.5) - Admin+ Stored Cross-Site Scripting
Description The plugin does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
4.8CVSS
4.7AI Score
0.0004EPSS
What Is Cloud Data Protection?
A Deep Dive into the Cosmic Universe of Information Safeguarding: An Exhaustive Examination of Distributed Data Security As the virtual dominions continue to propagate at a phenomenal pace, the totality of data we generate daily scales new zeniths. We see ourselves increasingly relying on 'online.....
6.6AI Score
Safeguarding Trade: Discovering the World of Mastercard Digital Guardrails In our tech-driven era, it is vitro important that financial dealings are shielded competently. A colossal number of exchanges are happening each day, proving the ever growing necessity of sturdy digital protective...
7.5AI Score
Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute1, "only 59% of organizations say their cybersecurity strategy has changed over the past two years." This stagnation in strategy adaptation can be traced back to several key...
7AI Score
Flarum's logout Route allows open redirects
Impact The Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a (trusted) domain of the Flarum installation to redirect to any link. Sample: example.com/logout?return=https://google.com. For logged-in users, the logout must be confirmed. Guests...
6.7AI Score
0.001EPSS
Flarum's logout Route allows open redirects
Impact The Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a (trusted) domain of the Flarum installation to redirect to any link. Sample: example.com/logout?return=https://google.com. For logged-in users, the logout must be confirmed. Guests...
6.8AI Score
0.001EPSS
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Over the last two weeks, there were 263 vulnerabilities disclosed in 217 WordPress Plugins and 3 WordPress themes that have been added to the...
9.8CVSS
10AI Score
0.005EPSS
We don't have a useful quantum computer yet, but we do have quantum algorithms. Shor's algorithm has the potential to factor large numbers faster than otherwise possible, which--if the run times are actually feasible--could break both the RSA and Diffie-Hellman public-key algorithms. Now, computer....
7.2AI Score
How to Protect Your Privacy Online
Decoding the Complexities of Digital Personhood and Its Private Aspects: Elemental Groundwork As we stride through this tech-propelled age, concerns related to internet-bound privacy have risen as pressing hurdles for all cyber inhabitants around the planet. Considering the ever-broadening...
7.4AI Score
Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
Description The plugin allows any unauthenticated user to read draft and private posts via a crafted request PoC https://example.com/?post_status=draft...
5.3CVSS
6.4AI Score
0.001EPSS
Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
Description The plugin allows any unauthenticated user to read draft and private posts via a crafted...
5.3CVSS
6.7AI Score
0.001EPSS
The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and above to...
5.4CVSS
6.1AI Score
0.001EPSS
FooGallery Premium < 2.4.6 - Contributor+ Stored XSS
Description The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors and....
5.4CVSS
5.9AI Score
0.001EPSS
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 16 vulnerabilities disclosed in 16 WordPress Plugins and no WordPress themes that have been added to the Wordfence...
9.8CVSS
7.8AI Score
0.909EPSS
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as...
8.6CVSS
7.4AI Score
0.0005EPSS
impossible to open a position with a large marginTo
Lines of code Vulnerability details Description marginTo/From is a way to both cover your position and increase your premium when opening a position. There is however a unintended limit on how much marginTo you can provide when opening a position. When doing the swap to increase leverage, the...
7.2AI Score
Liquidation condition should not factor the liquidation reward into the premiums
Lines of code Vulnerability details Summary The premiums used to determine the liquidation condition have the liquidation reward already discounted, potentially causing a lien to be considered underwater while technically it is not. Impact Positions in Particle LAMM can be liquidated if the owed...
6.9AI Score
changing LOAN_TERM changes terms for existing loans
Lines of code https://github.com/code-423n4/2023-12-particle/blob/main/contracts/protocol/ParticlePositionManager.sol#L581-L585 Vulnerability details Impact If the protocol updates the loan terms, this will affect existing loans taken under different terms. Proof of Concept LOAN_TERM is a...
6.9AI Score
marginTo when opening a position increases slippage
Lines of code Vulnerability details Impact Providing marginTo when opening position will not increase premium but be stolen by MeV. This can be mitigated by providing amountOutMin in swap params but the protocol should guarantee proper swap. Proof of Concept When opening a position a borrower can.....
7AI Score