WordPress Backup & Migration Security Vulnerabilities

Information disclosure

A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the...

CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators

In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It's the lifeblood of any organization in today's interconnected and digital world. Thus, safeguarding the data is of paramount importance. Its importance is magnified in on-premises Exchange....

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it's being actively exploited in the wild. The...

Veeam Installer Service Displays Previous Version Despite Being Updated

The method used to update the Veeam Installer Service component does not update the uninstaller version entry, causing the package to appear outdated despite being...

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 8, 2024 to January 14, 2024)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 67 vulnerabilities disclosed in 60 WordPress Plugins and no WordPress themes that have been added to the Wordfence...

WordPress Backup Migration 1.3.7 Remote Command Execution

...

InstaWP Connect < 0.1.0.9 - Missing Authorization to Arbitrary Options Update

Description The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_management_settings function in all versions up to, and including, 0.1.0.8. This makes it possible for...

Exploit for CVE-2024-22145

CVE-2024-22145 InstaWP Connect &lt;= 0.1.0.8 - Missing...

CVE-2023-34379

Missing Authorization vulnerability in MagneticOne Cart2Cart: Magento to WooCommerce Migration.This issue affects Cart2Cart: Magento to WooCommerce Migration: from n/a through...

CVE-2023-34379

Missing Authorization vulnerability in MagneticOne Cart2Cart: Magento to WooCommerce Migration.This issue affects Cart2Cart: Magento to WooCommerce Migration: from n/a through...

Authorization

Missing Authorization vulnerability in MagneticOne Cart2Cart: Magento to WooCommerce Migration.This issue affects Cart2Cart: Magento to WooCommerce Migration: from n/a through...

CVE-2023-34379 WordPress Cart2Cart: Magento to WooCommerce Migration Plugin <= 2.0.0 is vulnerable to Broken Access Control

Missing Authorization vulnerability in MagneticOne Cart2Cart: Magento to WooCommerce Migration.This issue affects Cart2Cart: Magento to WooCommerce Migration: from n/a through...

Security Bulletin: AIX is vulnerable to cache poisoning due to ISC BIND (CVE-2021-25220)

Summary A vulnerability in ISC BIND could allow a remote attacker to poison the cache (CVE-2021-25220). AIX uses ISC BIND as part of its DNS functions. Vulnerability Details ** CVEID: CVE-2021-25220 DESCRIPTION: **ISC BIND could allow a remote attacker to bypass security restrictions, caused by...

What is Blackcat Ransomware

Begin This Exploration: Unraveling the Mysteries of PantheraNegra Malware As new forks in the road of online threats emerge, an innovative peril has cast its shadow in the digital landscape – a danger we have identified as PantheraNegra Malware. What sets PantheraNegra Malware apart? Let's unravel....

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. Kaspersky, which analyzed a set of iPhones that were...

The evolution of the Kuiper ransomware

Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...

The evolution of the Kuiper ransomware

Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...

Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the...

Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND (CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795)

Summary UPDATED May 17 (Corrected the affected fileset levels for AIX 7.2 TL5 and removed bos.net.tcp.bind 7.2.5.200.): A vulnerability in ISC BIND could allow a remote attacker to cause a denial of service (CVE-2022-38178, CVE-2022-3080, CVE-2022-38177, CVE-2022-2795). AIX uses ISC BIND as part...

Ivanti ICS - Authentication Bypass

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control...

Unified security operations with Microsoft Sentinel and Microsoft Defender XDR

Numerous cybersecurity tools exist to help organizations protect their data, people, and systems. There are different tools that check emails for phishing attempts, secure infrastructure and cloud, and provide generative AI to detect threats and uplevel response beyond human ability. While each of....

CVE-2023-0769

The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as...

CVE-2023-0769

The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as...

Cross site scripting

The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as...

CVE-2023-6592 FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure

The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export...

CVE-2023-0769 hiWeb Migration Simple <= 2.0.0.1 Reflected Cross-Site Scripting

The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as...

Ivanti Connect Secure Unauthenticated Remote Code Execution

This module chains an authentication bypass vulnerability (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported...

A lightweight method to detect potential iOS malware

Introduction In the ever-evolving landscape of mobile security, hunting for malware in the iOS ecosystem is akin to navigating a labyrinth with invisible walls. Imagine having a digital compass that not only guides you through this maze, but also reveals the hidden mechanisms of iOS malware...

SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies

Overview A vulnerability has been found in the way that SMTP servers and software handle the end-of-data sequences (essentially the end of a single email message) in mail messages. An attacker can use this inconsistency to craft an email message that can bypass SMTP security policies. Description.....

Vulnerabilities in EDK2 NetworkPkg IP stack implementation.

Overview Multiple vulnerabilities were discovered in the TCP/IP stack (NetworkPkg) of Tianocore EDKII, an open source implementation of Unified Extensible Firmware Interface (UEFI). Researchers at Quarkslab have identified a total of 9 vulnerabilities that if exploited via network can lead to...

What is Kafka?

Introduction to the Universe of Kafka: A Detailed Synopsis Apache Kafka, frequently just labeled as Kafka, is a universally contributed event broadcasting framework, intended to manage live streaming of data. It is engineered to be a bridge for significant volumes of data, offering a mechanism...

FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure

Description The plugin does not prevent directory listing in sensitive directories containing export...

FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure

Description The plugin does not prevent directory listing in sensitive directories containing export files. PoC 1) Run backup function http://your_site/wordpress/wp-admin/admin.php?page=njt-fastdup#/ 2) During backup creation, you can intercept the following paths:...

squid security update

CentOS Errata and Security Advisory CESA-2023:6805 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847) For more details about the security...

What is Mallox Ransomware

Deciphering the Danger: Decoding Mallox Ransomware. Mallox Ransomware embodies a harmful software element, contributing to an ever-expanding repertoire of digital extortion threats. This cyber menace executes its mission by snaking its way into your computer system, applying a cipher to your data,....

CVE-2023-49256

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static...

CVE-2023-49256

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static...

Authorization

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static...

CVE-2023-49256 Predictable encryption passphrase used in publicly accessible configuration file

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static...

2023 Ransomware Stats: A Look Back To Plan Ahead

Last year was not a year for the faint of heart. Organizations of every size found themselves faced with ransomware attacks at varying levels of sophistication, yet every one of them was damaging. And as we step into 2024, the first victims of ransomware attacks are already being reported. What...

CVE-2023-34854

Authenticated remote code execution via backup/restore in...

CVE-2024-21596

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause.....

CVE-2024-21596

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause.....

CVE-2024-21585

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol...

CVE-2024-21585

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol...

Heap overflow

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause.....

Design/Logic Flaw

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol...

CVE-2024-21596 Junos OS and Junos OS Evolved: A specific BGP UPDATE message will cause a crash in the backup Routing Engine in NSR-enabled devices

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause.....

CVE-2024-21585 Junos OS and Junos OS Evolved: BGP session flaps on NSR-enabled devices can cause rpd crash

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol...