Email Subscribers & Newsletters Security Vulnerabilities

Metform Elementor Contact Form Builder < 3.3.2 - Multiple Subscriber+ Sensitive Information Disclosure Issues

The plugin does not prevent less privileged users, like subscribers, from accessing various sensitive information via the plugin's shortcodes. This includes payment statuses, transaction IDs, submitter's name information, and virtually all fields of any form...

IT threat evolution Q1 2023. Mobile statistics

IT threat evolution Q1 2023 IT threat evolution Q1 2023. Non-mobile statistics IT threat evolution Q1 2023. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to...

CVE-2021-4378

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject.....

CVE-2021-4378

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject.....

CVE-2021-4383

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...

CVE-2021-4383

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...

CVE-2021-4367

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_import_forms_options AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with...

CVE-2021-4367

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_import_forms_options AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with...

Design/Logic Flaw

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...

Cross site scripting

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_import_forms_options AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with...

Cross site scripting

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject.....

CVE-2021-4383

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to...

CVE-2021-4378

The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with minimal permissions like subscribers, to inject.....

CVE-2021-4367

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_import_forms_options AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with...

Directorist < 7.5.5 - Subscriber+ Insecure Direct Object Reference to Arbitrary Post Deletion

The plugin does not properly validate that users are authorized to delete a given listing, or that it is a listing at all, making it possible for less-privileged users like subscribers to delete...

Credential-Stealing Server Side Request Forgery Patched in Getwid

On April 6, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two vulnerabilities in Getwid – Gutenberg Blocks, a plugin installed on over 50,000 WordPress sites. The plugin’s developers responded immediately, and we sent over the full disclosure the...

WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF

...

5 unusual cybersecurity tips that actually work

So, you're on top of your software updates, you use a password manager, you've enabled two-factor authentication wherever you can, you've got BrowserGuard installed, and you're running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because.....

WP User Switch < 1.0.3 - Subscriber+ Authentication Bypass

The plugin does not properly verify the 'wpus_who_switch' cookie value, which allows attackers with low-privilege accounts like Subscribers to bypass authentication and login as any other existing user. PoC Log-in as a subscriber onto the affected site. Run the following JS script in your...

WP User Switch < 1.0.3 - Subscriber+ Authentication Bypass

The plugin does not properly verify the 'wpus_who_switch' cookie value, which allows attackers with low-privilege accounts like Subscribers to bypass authentication and login as any other existing...

Online Booking & Scheduling Calendar for WordPress by vcita <= 4.3.3 - Missing Capability Checks

The plugin does not apply capability checks on the vcita_save_settings_callback function, making it possible for attackers with low privileges, like subscribers, to modify the plugin's settings, upload media files, and conduct XSS...

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with...

WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

On May 20, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in WPDeveloper’s ReviewX plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an.....

WordPress ReviewX 1.6.13 Privilege Escalation Vulnerability

...

WordPress ReviewX 1.6.13 Privilege Escalation

...

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGPT,.....

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the potential to expand to other platforms as Bandit Stealer was developed using the Go...

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits

5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and...

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)

Last week, there were 82 vulnerabilities disclosed in 59 WordPress Plugins and 11 WordPress themes, along with 6 in WordPress Core, that have been added to the Wordfence Intelligence Vulnerability Database, and there were 26 Vulnerability Researchers that contributed to WordPress Security last...

It’s really OK to take a break sometimes, especially in security

Welcome to this week's edition of the Threat Source newsletter. You probably already know this by now, but May is Mental Health Awareness Month across the globe. Many people will apply this time of reflection and education to their personal lives -- it's easy to discuss anxiety, depression and...

Minas – on the way to complexity

Sometimes when investigating an infection and focusing on a targeted attack, we come across something we were not expecting. The case described below is one such occurrence. In June 2022, we found a suspicious shellcode running in the memory of a system process. We decided to dig deeper and...

CVE-2023-22684

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin &lt;= 1.5.3...

CVE-2023-22684

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin &lt;= 1.5.3...

Cross site scripting

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin &lt;= 1.5.3...

CVE-2023-22684 WordPress Subscribers – Free Web Push Notifications Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin &lt;= 1.5.3...

Elementor Website Builder < 3.13.2 - Missing Authorization

The plugin does not check user capabilities on several functions, allowing authenticated attackers with a low amount of privilege (such as Subscribers) to perform actions that should only be available to users with higher...

Google Announces New Privacy, Safety, and Security Features Across Its Services

Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The tech giant's latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and...

New Discord username policy raises user privacy fears

Discord, the Voice over IP (VoIP) and instant message communications tool, is changing how usernames function in a major way soon. Many users are not keen on this change at all. What is going on over there, and why are so many people concerned about the upcoming alterations? When Discord launched.....

CVE-2023-31133

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

CVE-2023-31133

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

CVE-2023-31133

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

Design/Logic Flaw

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

CVE-2023-31133 Ghost vulnerable to disclosure of private API fields

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...

EulerOS Virtualization 3.0.2.0 : shim-signed (EulerOS-SA-2023-1748)

According to the versions of the shim-signed packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would...

Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads

A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and...

Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 24, 2023 to Apr 30, 2023)

Last week, there were 77 vulnerabilities disclosed in 68 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 32 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in....

Not quite an Easter egg: a new family of Trojan subscribers on Google Play

Every once in a while, someone will come across malicious apps on Google Play that seem harmless at first. Some of the trickiest of these are subscription Trojans, which often go unnoticed until the user finds they have been charged for services they never intended to buy. This kind of malware...

Wordfence Intelligence Weekly WordPress Vulnerability Report (Apr 17, 2023 to Apr 23, 2023)

Last week, there were 152 vulnerabilities disclosed in 134 WordPress Plugins and 0 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 41 Vulnerability Researchers that contributed to WordPress Security last week. There were more unpatched...

YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks. PoC Run the below command in the developer console of the web browser while being on the...