Email Subscribers & Newsletters Security Vulnerabilities

SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

OpenHook < 4.3.1 - Subscriber+ Remote Code Execution

Description The plugin does not prevent low-privileged users like subscribers from using its 'php' shortcode feature, leading to potential Remote Code...

ABB RTU500 Series Infinite Loop in embedded OpenSSL (CVE-2022-0778)

A vulnerability exists in the OpenSSL version 1.0.2 that affects the RTU500 Series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.14 12.2.1 – 12.2.11 12.4.1 – 12.4.11 12.6.1 – 12.6.8 12.7.1 – 12.7.5 13.2.1 – 13.2.5 13.3.1 – 13.3.3 13.4.1 The BN_mod_sqrt()...

Amazon Linux 2 : mariadb (ALASMARIADB10.5-2023-003)

The version of mariadb installed on the remote host is prior to 10.5.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2MARIADB10.5-2023-003 advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that...

Attacks, Vulnerabilities and Actors 18 September to 24 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, five instance of adversary activity, and eleven vulnerabilities...

T-Mobile spills billing information to other customers

Some T-Mobile customers logged into their accounts on Wednesday to find another customer's billing and account information showing on their online dashboards. T-Mobile denied there was an attack, but confirmed there had been a data leak. It said a "temporary system glitch" had misplaced some...

New Microsoft security tools to protect families and businesses

Today marks an exciting milestone in Microsoft’s AI journey. This morning, at an event in New York City, we made several major announcements to empower people across work and life—you can read more about Microsoft Bing and Edge with Copilot, what’s new from Microsoft 365 Copilot and Bing Chat...

New Microsoft security tools to protect families and businesses

Today marks an exciting milestone in Microsoft’s AI journey. This morning, at an event in New York City, we made several major announcements to empower people across work and life—you can read more about Microsoft Bing and Edge with Copilot, what’s new from Microsoft 365 Copilot and Bing Chat...

New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants

Cisco Talos recently discovered a new malware family we're calling "HTTPSnoop" being deployed against telecommunications providers in the Middle East. HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to...

Attacks, Vulnerabilities and Actors 11 September to 17 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, a total of eight attacks were executed, along with eleven vulnerabilities discovered, and two different adversaries...

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 4, 2023 to September 10, 2023)

Last week, there were 107 vulnerabilities disclosed in 89 WordPress Plugins and 5 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

Attacks, Vulnerabilities and Actors 4 September to 10 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of ten executed attacks, one instance of adversary activity, and six vulnerabilities...

WooCommerce PDF Invoice Builder < 1.2.90 - Subscriber+ SQLi

Description The plugin does not properly sanitise and escape the pageId parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as...

Attacks, Vulnerabilities and Actors 28 August to 3 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of six attacks executed, one vulnerability, and two different adversaries highlights.....

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.207)

The version of AHV installed on the remote host is prior to 20220304.480. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.207 advisory. In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in ...

CVE-2023-4245

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89. This makes it possible for subscribers to view arbitrary invoices provided they can guess the.....

CVE-2023-3677

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2023-3677

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2023-4245

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89. This makes it possible for subscribers to view arbitrary invoices provided they can guess the.....

Sql injection

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

Design/Logic Flaw

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89. This makes it possible for subscribers to view arbitrary invoices provided they can guess the.....

CVE-2023-3677

The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to SQL Injection via the pageId parameter in versions up to, and including, 1.2.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2023-4245

The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89. This makes it possible for subscribers to view arbitrary invoices provided they can guess the.....

CVE-2023-3356

The Subscribers Text Counter WordPress plugin before 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and...

CVE-2023-3356

The Subscribers Text Counter WordPress plugin before 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and...

Cross site scripting

The Subscribers Text Counter WordPress plugin before 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and...

CVE-2023-3356 Subscribers Text Counter < 1.7.1 - Settings Update via CSRF to Stored XSS

The Subscribers Text Counter WordPress plugin before 1.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and...

Attacks, Vulnerabilities and Actors 21 August to 27 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, six vulnerabilities, and three different adversaries...

CVE-2023-32678 Zulip vulnerable to insufficient authorization check for edition/deletion of messages and topics in private streams by former subscribers

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that they....

Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware

A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a...

Attacks, Vulnerabilities and Actors 14 August to 20 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, one instance of adversary activity, and four zero-day...

CVE-2023-39974

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific...

CVE-2023-39974

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific...

CVE-2023-39974

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific...

Information disclosure

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific...

CVE-2023-39974 Extension - acymailing.com - Exposure of Sensitive Information in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific...

Wordfence Intelligence Weekly WordPress Vulnerability Report (August 7, 2023 to August 13, 2023)

Last week, there were 86 vulnerabilities disclosed in 68 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in....

WordPress YARPP Plugin < 5.30.3 SQLi Vulnerability

The WordPress...

CVE-2023-0579

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

CVE-2023-0579

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

Sql injection

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

CVE-2023-0579 YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

Attacks, Vulnerabilities and Actors 7 August to 13 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eleven attacks executed, three vulnerabilities, and three different adversaries...

Wordfence Intelligence Weekly WordPress Vulnerability Report (July 31, 2023 to August 6, 2023)

Last week, there were 29 vulnerabilities disclosed in 24 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 18 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

WordPress WP Project Manager 2.6.4 Privilege Escalation

...

EmbedPress < 3.8.3 - Subscriber+ Plugin Settings Delete

Description The plugin does not properly authorize access to its admin_post_remove and remove_private_data actions, allowing low privileged users (such as subscribers) to delete plugin...

weDevs Addresses Privilege Escalation Vulnerability in WP Project Manager WordPress Plugin

On July 9, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in weDevs’s WP Project Manager plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible...

CVE-2023-2843

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated users, such as subscribers, to perform SQL Injection...

CVE-2023-2843

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated users, such as subscribers, to perform SQL Injection...

Sql injection

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated users, such as subscribers, to perform SQL Injection...