WordPress支付宝Alipay|财付通Tenpay|贝宝PayPal集成插件 Security Vulnerabilities

Logic Flaw Vulnerability in T+ (CNVD-2023-62863)

T+ is a new Internet business management software. A logic flaw vulnerability exists in Changjitong T+, which can be exploited by an attacker to delete arbitrary...

Exploit for Improper Ownership Management in Linux Linux Kernel

typora-copy-images-to: ./image CVE-2023-0386 Exp...

File upload vulnerability in inforsuiteAS application server of Shandong Zhongchuang Software Commercial Middleware Co.(CNVD-2023-63818)

Shandong Zhongchuang Software Commercial Middleware Co., Ltd. is a company whose business scope includes sales and maintenance services of computers, software and auxiliary equipment, electronic equipment, computer network equipment, etc. A file upload vulnerability exists in the inforsuiteAS...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 12, 2023 to June 18, 2023)

Last week, there were 60 vulnerabilities disclosed in 52 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 25 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

CVE-2023-35917

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

CVE-2023-35917

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4...

CVE-2023-35917 WordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin &lt;= 2.0.4...

Exploit for SQL Injection in Jeecg Jeecg-Boot

CVE-2023-1454 Jeecg-Boot-qurestSql-SQLvuln...

WooCommerce PayPal Payments < 2.0.5 - Merchant ID Details Update via CSRF

The plugin does not have CSRF checks when updating the merchant ID details, which could allow attackers to make logged in users update them via a CSRF...

Exploit for CVE-2023-23752

CVE-2023-23752 Joomla未授权访问漏洞 fofa: product="Joomla"...

Exploit for Use After Free in Linux Linux Kernel

CVE-2022-1011...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 0x01 获取返回的JSESSIONID和csrftoken...

Changjitong T+ Remote Command Execution Vulnerability

T+ is a new Internet-based business management software. A remote command execution vulnerability exists in T+, which can be exploited by an attacker to execute arbitrary commands on the target...

Exploit for Code Injection in Apache Rocketmq

CVE-2023-33246 CVE-2023-33246 Apache RocketMQ...

Exploit for Code Injection in Apache Rocketmq

CVE-2023-33246 CVE-2023-33246 Apache RocketMQ 远程代码执行漏洞...

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 29, 2023 to June 4, 2023)

Last week, there were 116 vulnerabilities disclosed in 88 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 35 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

Exploit for Code Injection in Vmware Spring Framework

Spring RCE CVE-2022-22965 漏洞环境 环境信息 * springboot *...

Exploit for Code Injection in Apache Rocketmq

0x01 简介 此工具是一款用于 RocketMQ RCE (CVE-2023-33246) woodpecker...

Exploit for Code Injection in Apache Rocketmq

0x01 简介 此工具是一款用于 RocketMQ RCE (CVE-2023-33246) woodpecker...

Exploit for Code Injection in Vmware Spring Framework

CVE-2022-22965 Poc&Exp,支持批量扫描 使用 ``` -a string ...

CVE-2023-2406

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including, 1.3.1 due to insufficient....

CVE-2023-2407

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the ls_parse_vcita_callback() function....

CVE-2023-2406

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including, 1.3.1 due to insufficient....

CVE-2023-2407

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the ls_parse_vcita_callback() function....

Cross site scripting

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including, 1.3.1 due to insufficient....

Cross site request forgery (csrf)

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the ls_parse_vcita_callback() function....

CVE-2023-2407

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Cross-Site Request Forgery. This is due to missing nonce validation in the ls_parse_vcita_callback() function....

CVE-2023-2406

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin, for WordPress are vulnerable to Stored Cross-Site Scripting via the 'email' parameter in versions up to, and including, 1.3.1 due to insufficient....

Multiple plugins by vcita - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize and the email field in the plugin settings, which could allow users with roles as low as contributor to inject arbitrary web scripts in the plugin settings page, which could target high privilege users such as administrators. PoC...

Multiple plugins by vcita - CSRF to Stored XSS in settings page

The plugin does not protect the live-site-parse-vcita-callback settings page against CSRF attacks, allowing an unauthenticated attacker to inject arbitrary web scripts by tricking a logged in user with contributor role or higher to click a...

Multiple plugins by vcita - CSRF to Stored XSS in settings page

The plugin does not protect the live-site-parse-vcita-callback settings page against CSRF attacks, allowing an unauthenticated attacker to inject arbitrary web scripts by tricking a logged in user with contributor role or higher to click a link. PoC...

Multiple plugins by vcita - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize and the email field in the plugin settings, which could allow users with roles as low as contributor to inject arbitrary web scripts in the plugin settings page, which could target high privilege users such as...

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, "Nguyen Huu Tai, who also goes by the names...

Exploit for Code Injection in Apache Rocketmq

CVE-2023-33246 Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246)...

Exploit for Code Injection in Apache Rocketmq

CVE-2023-33246 Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246)...

Unauthorized access vulnerability in SuperMap iServer of Beijing SuperMap Software Co. Ltd (CNVD-2023-61163)

SuperMap iServer is a cloud GIS application server based on high-performance cross-platform GIS kernel. An unauthorized access vulnerability exists in SuperMap iServer of Beijing SuperMap Software Co. Ltd, which can be exploited by attackers to obtain sensitive...

missing permission check for API /setting/workspace/member/update

Proof of Concept 1 user1 是workspace1的空间管理员 2 user2 是workspace1的成员 3 user1 更新user2的信息，比如将其更新为空间管理员 4 使用burpsuite拦截请求 ``` POST /setting/workspace/member/update HTTP/1.1 Host: 192.168.213.128:8081 Content-Length: 144 Accept-Language: zh-CN WORKSPACE: bd6fc04b-15af-43dc-8cb6-411deaec81a7...

Exploit for Expression Language Injection in Vmware Spring Cloud Gateway

Spring Cloud Gateway Actuator API SpEL表达式注入命令执行Exp...

Exploit for Incorrect Default Permissions in Powerjob

# #CVE-2023-29923...

Zip domains, a bad idea nobody asked for

If you heard a strange and unfamiliar creaking noise on May 3, it may have been the simultaneous rolling of a million eyeballs. The synchronised ocular rotation was the less than warm welcome that parts of the IT and security industries--this author included--gave to Google's decision to put .zip.....

Exploit for Improper Input Validation in Microsoft

CVE-2023-21554-PoC CVE-2023-21554 Windows...

Why High Tech Companies Struggle with SaaS Security

It's easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world's youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues...

Exploit for Deserialization of Untrusted Data in Apache Kafka

Flink-Kafka-Vul Apache Flink远程代码执行漏洞。 Apache Flink Web...

Former Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case

A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency while working at the company. Nickolas Sharp, 37, was arrested in December 2021 for...

用户可以将自己添加到任意的组织中

Proof of Concept 1 用户1属于组织team1，并不属于team2 2 用户1修改自己的profile 3 在界面上，用户1修改自己的组织时只能看到team1 4 但是我们用burpsuite拦截请求，将请求中的team1的ID换成team2 5 继续执行，发现可以执行成功 6 原因是虽然我们在界面上保证了team2不可见，但服务端没检查user1是否可以选择team2...

IDOR 漏洞使得攻击者可以在一个组织内任意添加、删除、修改工作空间

Proof of Concept 1 系统中存在两个组织，team1和team2 2 用户user1是 team1 的管理员， 不是team2的管理员 3 用户1在team1中创建工作空间，名为workspace1. 4 用户1使用burpsuit拦截请求，在请求中将team1的ID换成team2的ID 5 查看请求，结果显示成功，用户1可以在team2中任意创建工作空间。...

Exploit for Deserialization of Untrusted Data in Apache Dubbo

更全面的Dubbo漏洞扫描工具见我的另一个项目：https://github.com/YYHYlh/Dubbo-Scan...

Navigating mobile malware trends: Crucial insights and predictions for MSPs

Whether a company gives them out or they're owned by the employees or students, mobile devices are like honey for cybercriminals. And the kicker? Most of these devices are not protected enough. Just check out the following stats from last year: 18 percent of clicked phishing emails in 2022 came...

Feds Take Down 13 More DDoS-for-Hire Services

The U.S. Federal Bureau of Investigation (FBI) this week seized 13 domain names connected to "booter" services that let paying customers launch crippling distributed denial-of-service (DDoS) attacks. Ten of the domains are reincarnations of DDoS-for-hire services the FBI seized in December 2022,...