Attacks, Vulnerabilities and Actors 4 to 10 March 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, four vulnerabilities were uncovered, and two active adversaries were.....
9.8CVSS
7.7AI Score
0.972EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 26, 2024 to March 3, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 121 vulnerabilities disclosed in 88...
9.8CVSS
9.6AI Score
0.001EPSS
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with.....
7.5CVSS
7.5AI Score
0.013EPSS
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with.....
7.5CVSS
7.5AI Score
0.013EPSS
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with.....
7.5CVSS
7.5AI Score
0.013EPSS
A stored cross site scripting (XSS) vulnerability in the "Import Subscribers" feature in phplist 3.5.4 and below allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted...
5.4CVSS
5.4AI Score
0.001EPSS
Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute...
7.5CVSS
7AI Score
0.001EPSS
Attacks, Vulnerabilities and Actors 26 February to 3 March 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, twelve vulnerabilities were uncovered, and six active adversaries...
8.6AI Score
GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks
Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications......
7.1AI Score
Giveaways and Contests by RafflePress < 1.12.7 - Unauthenticated Stored Cross-Site Scripting
Description The Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘parent_url’ parameter in all versions up to, and including, 1.12.5 due to insufficient input...
7.2CVSS
5.9AI Score
0.0004EPSS
The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request function in all versions up to, and including, 1.4.4. This makes it possible for subscribers and higher...
4.3CVSS
5.2AI Score
0.0004EPSS
The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request function in all versions up to, and including, 1.4.4. This makes it possible for subscribers and higher...
4.3CVSS
4.4AI Score
0.0004EPSS
The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request function in all versions up to, and including, 1.4.4. This makes it possible for subscribers and higher...
4.3CVSS
6.9AI Score
0.0004EPSS
The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request function in all versions up to, and including, 1.4.4. This makes it possible for subscribers and higher...
4.3CVSS
4.7AI Score
0.0004EPSS
Attacks, Vulnerabilities and Actors 19 to 25 February 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of fifteen attacks were executed, five vulnerabilities were uncovered, and five active adversaries...
10CVSS
8AI Score
0.946EPSS
4.3CVSS
7.4AI Score
0.0004EPSS
Envo's Elementor Templates & Widgets for WooCommerce < 1.4.5 - Subscriber+ Template Creation
Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the templates_ajax_request function, allowing subscribers and higher to create...
4.3CVSS
4.8AI Score
0.0004EPSS
5.3CVSS
4.7AI Score
0.0004EPSS
5.3CVSS
7.1AI Score
0.0004EPSS
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable the....
7.5AI Score
Attacks, Vulnerabilities and Actors 12 to 18 February 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, five vulnerabilities were uncovered, and three active adversaries...
8.1CVSS
7.5AI Score
0.002EPSS
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability...
9.6CVSS
9.1AI Score
0.0004EPSS
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability...
9.6CVSS
6.8AI Score
0.0004EPSS
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability...
9.6CVSS
7.3AI Score
0.0004EPSS
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability...
9.6CVSS
9.2AI Score
0.0004EPSS
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability...
9.6CVSS
7.2AI Score
0.0004EPSS
CVE-2023-50257 Disconnect Vulnerability in RTPS Packets Used by SROS2
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability...
9.6CVSS
9.4AI Score
0.0004EPSS
Attacks, Vulnerabilities and Actors 5 to 11 February 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of five attacks were executed, six vulnerabilities were uncovered, and two active adversaries were...
8.8CVSS
7.6AI Score
0.005EPSS
Login Lockdown – Protect Login Form < 2.09 - Subscriber+ Options Leak
Description The plugin does not prevent logged-in users of any role (e.g. subscribers) from leaking its settings, which may include allowlisted IP addresses as well as a global unlock key, with which they could add their own IP address to the plugin's...
5.4CVSS
9.4AI Score
0.0004EPSS
Login Lockdown – Protect Login Form < 2.09 - Subscriber+ Options Leak
Description The plugin does not prevent logged-in users of any role (e.g. subscribers) from leaking its settings, which may include allowlisted IP addresses as well as a global unlock key, with which they could add their own IP address to the plugin's list. PoC As a logged-in subscriber, visit the....
5.4CVSS
9.3AI Score
0.0004EPSS
Directory Traversal: Examples, Testing, and Prevention
Unveiling the Enigma of Path Navigation: An Exhaustive Exploration and Insight Path Navigation, often referred to as Folder Navigation, symbolizes a kind of security extraction point allowing unauthorized individuals to gain unauthorized access to specific files held within a server's database...
7.8AI Score
Attacks, Vulnerabilities and Actors 29 January to 4 February 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and six exploited...
8.2CVSS
7.1AI Score
0.961EPSS
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for....
4.3CVSS
5.5AI Score
0.0004EPSS
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for....
4.3CVSS
4.6AI Score
0.0004EPSS
The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences...
4.3CVSS
4.4AI Score
0.001EPSS
The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences...
4.3CVSS
6.9AI Score
0.001EPSS
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for....
4.3CVSS
7.1AI Score
0.0004EPSS
The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences...
4.3CVSS
5.3AI Score
0.001EPSS
The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.7 via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences...
4.3CVSS
4.7AI Score
0.001EPSS
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it possible for....
4.3CVSS
4.9AI Score
0.0004EPSS
PopupAlly < 2.1.1 - Cross-Site Request Forgery via optin_submit_callback
Description The PopupAlly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.0. This is due to missing or incorrect nonce validation on the 'optin_submit_callback' function. This makes it possible for unauthenticated attackers to opt in...
6.4AI Score
0.0004EPSS
The many ways electric cars are vulnerable to hacks, and whether that matters in a real-world
I'd hate to be labeled a "car guy" now mentioning my new electric car in the lede of two newsletters in a row, but I couldn't resist. I'd been reading headlines for years about how electric cars (most notably Tesla) were vulnerable to a range of security vulnerabilities, even some that could allow....
7.4AI Score
Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let's take a look at what's been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let's take a look at the Microsoft.....
10CVSS
10AI Score
0.971EPSS
Description The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 1.0.6.1. This makes it.....
7.1AI Score
0.0004EPSS
Starbox < 3.4.8 - Subscriber+ Plugin Preferences / User Settings Access via IDOR
Description The plugin is vulnerable to Insecure Direct Object Reference via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences and potentially other user...
6.7AI Score
0.001EPSS
Attacks, Vulnerabilities and Actors 22 January to 28 January 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, three instances of adversary activity, and three exploited...
10CVSS
9.9AI Score
0.971EPSS
Attacks, Vulnerabilities and Actors 15 January to 21 January 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of six executed attacks, two instances of adversary activity, and eight exploited...
8.8CVSS
7.8AI Score
0.002EPSS
E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop
The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. With memorable hits such as "Internet Swiping" and "Million Dollar Criminal" earning millions of views, Punchmade has leveraged his considerable...
6.8AI Score
popup-builder < 4.2.6 - Admin+ SSRF & File Read
Description The plugin does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress...
6.7AI Score
0.0004EPSS
popup-builder < 4.2.6 - Admin+ SSRF & File Read
Description The plugin does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations. PoC 1. Create a multi-site wordpress setup, i.e. using docker-containers, and setup a second "site".....
6.5AI Score
0.0004EPSS