
Social Likebox & Feed Security Vulnerabilities

prion

Code injection

ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Up to and including commit 71f81f7f20cd26fd707335bca9838fa3e7df20d2, ReVanced API lacks error caching, causing the rate limit to be triggered and thus increasing server load. This causes a denial of service for all...

7.5 CVSS

7.1 AI Score

0.0005 EPSS

2023-12-27 08:15 PM
2
cvelist

CVE-2023-52075 ReVanced API vulnerable to Denial of Service due to lack of error caching

ReVanced API proxies requests needed to feed the ReVanced Manager and website with data. Up to and including commit 71f81f7f20cd26fd707335bca9838fa3e7df20d2, ReVanced API lacks error caching, causing the rate limit to be triggered and thus increasing server load. This causes a denial of service for all...

7.5 CVSS

7.6 AI Score

0.0005 EPSS

2023-12-27 07:49 PM
veracode

Improper Neutralization Of Special Elements

gitlab is vulnerable to Improper Neutralization of Special Elements. The vulnerability is due to a lack of proper validation of user-supplied input, specifically when committing directories containing LF (Line Feed) characters. This flaw results in HTTP 500 errors when viewing the affected...

5.3 CVSS

6.7 AI Score

0.001 EPSS

2023-12-26 04:47 PM
12
githubexploit

9.8 CVSS

7.2 AI Score

0.002 EPSS

2023-12-24 10:46 AM
40
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 11, 2023 to December 17, 2023)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 16 vulnerabilities disclosed in 16 WordPress Plugins and no WordPress themes that have been added to the Wordfence...

9.8 CVSS

7.8 AI Score

0.935 EPSS

2023-12-21 03:25 PM
18
code423n4

burn() and borrow() in LendingPool are very likely to revert due to insufficient cash and could be triggered maliciously

Lines of code https://github.com/code-423n4/2023-12-initcapital/blob/main/contracts/lending_pool/LendingPool.sol#L125 Vulnerability details Impact Users might not always be able to burn() or borrow() due to being front-run by other borrow or burn calls, potentially in a malicious manner so funds....

6.9 AI Score

2023-12-21 12:00 AM
3
thn

Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. "Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord...

7.5 AI Score

2023-12-19 01:30 PM
11
malwarebytes

Meet the entirely legal, iPhone-crashing device, the Flipper Zero: Lock and Code S04E25

This week on the Lock and Code podcast… It talks, it squawks, it even blocks! The stocking-stuffer on every hobby hacker’s wish list this year is the Flipper Zero. “Talk” across low-frequency radio to surreptitiously change TV channels, emulate garage door openers, or even pop open your friend’s...

7 AI Score

2023-12-18 05:11 PM
20
openvas

Fedora: Security Advisory for seamonkey (FEDORA-2023-deb5cf6515)

The remote host is missing an update for...

7.5 AI Score

2023-12-18 12:00 AM
4
cve

CVE-2023-49824

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite. This issue affects Product Catalog Feed by PixelYourSite: from n/a through...

8.8 CVSS

8.6 AI Score

0.001 EPSS

2023-12-17 11:15 AM
36
cve

CVE-2023-49816

Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair. This issue affects Fix My Feed RSS Repair: from n/a through...

8.8 CVSS

8.6 AI Score

0.001 EPSS

2023-12-17 11:15 AM
33
nvd

CVE-2023-49816

Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair. This issue affects Fix My Feed RSS Repair: from n/a through...

8.8 CVSS

0.001 EPSS

2023-12-17 11:15 AM
nvd

CVE-2023-49824

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite. This issue affects Product Catalog Feed by PixelYourSite: from n/a through...

8.8 CVSS

0.001 EPSS

2023-12-17 11:15 AM
prion

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite. This issue affects Product Catalog Feed by PixelYourSite: from n/a through...

8.8 CVSS

7.2 AI Score

0.001 EPSS

2023-12-17 11:15 AM
4
prion

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair. This issue affects Fix My Feed RSS Repair: from n/a through...

8.8 CVSS

7.2 AI Score

0.001 EPSS

2023-12-17 11:15 AM
3
cvelist

CVE-2023-49824 WordPress Product Catalog Feed by PixelYourSite Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite. This issue affects Product Catalog Feed by PixelYourSite: from n/a through...

5.4 CVSS

8.9 AI Score

0.001 EPSS

2023-12-17 10:35 AM
cvelist

CVE-2023-49816 WordPress Fix My Feed RSS Repair Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair. This issue affects Fix My Feed RSS Repair: from n/a through...

4.3 CVSS

8.9 AI Score

0.001 EPSS

2023-12-17 10:28 AM
fedora

[SECURITY] Fedora 38 Update: seamonkey-2.53.18-1.fc38

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

7.1 AI Score

2023-12-17 01:44 AM
3
wpvulndb

GTG Product Feed for Shopping <= 1.2.4 - Unauthenticated Settings Update

Description The plugin does not have an authorisation check when updating its settings, which could allow unauthenticated users to update...

5.3 CVSS

6.3 AI Score

0.001 EPSS

2023-12-16 12:00 AM
3
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (December 4, 2023 to December 10, 2023)

Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today! Last week, there were.....

9.8 CVSS

9.6 AI Score

EPSS

2023-12-14 04:32 PM
21
wordfence

Over 100 WordPress Repository Plugins Affected by Shortcode-based Stored Cross-Site Scripting

On August 14, 2023, the Wordfence Threat Intelligence team began a research project to find Stored Cross-Site Scripting (XSS) via Shortcode vulnerabilities in WordPress repository plugins. This type of vulnerability enables threat actors with contributor-level permissions or higher to inject...

6.4 CVSS

5.9 AI Score

0.001 EPSS

2023-12-12 05:18 PM
33
mskb

KB5033376: Cumulative security update for Internet Explorer: December 12, 2023

KB5033376: Cumulative security update for Internet Explorer: December 12, 2023 IMPORTANT Certain versions of Microsoft Internet Explorer have reached end of servicing. Note that some versions of Internet Explorer may be supported past the latest OS end date when Extended Security Updates (ESUs)...

8.1 CVSS

8.6 AI Score

0.035 EPSS

2023-12-12 08:00 AM
20
fedora

[SECURITY] Fedora 39 Update: seamonkey-2.53.18-1.fc39

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

7.1 AI Score

2023-12-12 01:57 AM
6
openvas

Fedora: Security Advisory for seamonkey (FEDORA-2023-76db6c040e)

The remote host is missing an update for...

7.5 AI Score

2023-12-12 12:00 AM
2
wpvulndb

Fix My Feed RSS Repair <= 1.4 - Cross-Site Request Forgery

Description The Fix My Feed RSS Repair plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an...

8.8 CVSS

6.6 AI Score

0.001 EPSS

2023-12-09 12:00 AM
5
wpvulndb

Product Catalog Feed by PixelYourSite < 2.2.0 - Cross-Site Request Forgery

Description The Product Catalog Feed by PixelYourSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the set_disable_status(), set_wpwoof_schedule() and check_feed_name() functions....

8.8 CVSS

6.3 AI Score

0.001 EPSS

2023-12-09 12:00 AM
4
code423n4

Upgraded Q -> 3 from #534 [1702060375162]

Judge has assessed an item in Issue #534 as 3 risk. The relevant finding follows: [L-03] Consider use stETH/UDS oracle Issue Description: The sponsor has confirmed their choice of Chainlink as an oracle to fetch prices. Since all other LST price feeds are 18 decimal places, they will most likely...

7.1 AI Score

2023-12-08 12:00 AM
7
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)

Wordfence just launched its bug bounty program. Through December 20th 2023, all researchers will earn 6.25x our normal bounty rates when Wordfence handles responsible disclosure for our Holiday Bug Extravaganza! Register as a researcher and submit your vulnerabilities today! Last week, there were.....

9.8 CVSS

9.6 AI Score

EPSS

2023-12-07 02:11 PM
46
mmpc

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022...

7.2 AI Score

2023-12-07 12:01 PM
29
mssecure

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022...

7.2 AI Score

2023-12-07 12:01 PM
9
malwarebytes

Why a ransomware gang tattled on its victim, with Allan Liska: Lock and Code S04E24

This week on the Lock and Code podcast… Like the grade-school dweeb who reminds their teacher to assign tonight's homework, or the power-tripping homeowner who threatens every neighbor with an HOA citation, the ransomware group ALPHV can now add itself to a shameful roster of pathetic, little...

7.2 AI Score

2023-12-04 05:24 PM
8
spring

CDS with Spring Framework 6.1

As a follow-up to the Runtime efficiency with Spring blog post, I am happy to share that our exploration of Project Leyden optimizations has led to some interesting discoveries regarding the JDK's little-used CDS ("Class Data Sharing") feature and has materialized into a new feature that we have...

7.5 AI Score

2023-12-04 12:00 AM
5
wordfence

Earn up to $10,000 for Vulnerabilities in WordPress Software – 6X Rewards in the Wordfence Holiday Bug Extravaganza!

At Wordfence our mission is to Secure The Web. WordPress powers over 40% of the Web, and Wordfence secures over 4 million WordPress websites. Today we are announcing that for the next 20 days, Wordfence will be paying out some of the highest bug bounties in the history of WordPress to help find...

9 AI Score

2023-12-01 02:21 PM
5
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 20, 2023 to November 26, 2023)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 115 vulnerabilities disclosed in 87 WordPress Plugins and 1 WordPress themes that have been added to the Wordfence...

9.8 CVSS

10 AI Score

EPSS

2023-11-30 03:31 PM
29
hackerone

Glassdoor: Web Cache Deception

Thanks to our researcher who discovered a web caching issue on an arbitrary endpoint which, in a limited scenario, cached a Fishbowl user's feed page...

7.2 AI Score

2023-11-27 07:10 PM
24
wpvulndb

Feeds for YouTube < 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4 CVSS

5.8 AI Score

0.001 EPSS

2023-11-24 12:00 AM
5
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 13, 2023 to November 19, 2023)

Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 126 vulnerabilities disclosed in 102 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence...

9.8 CVSS

9 AI Score

EPSS

2023-11-23 08:29 PM
64
openvas

Tenable Nessus Multiple Vulnerabilities (TNS-2023-36)

Tenable Nessus is prone to multiple...

7.8 CVSS

7.8 AI Score

0.001 EPSS

2023-11-23 12:00 AM
6
wpvulndb

Social Feed | All social media in one place <= 1.5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Social Feed | All social media in one place plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.5.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

4.8 CVSS

7.9 AI Score

0.0004 EPSS

2023-11-23 12:00 AM
1
openvas

Tenable Nessus Arbitrary File Write Vulnerability (TNS-2023-39)

Tenable Nessus is prone to an arbitrary file write...

6.8 CVSS

6.7 AI Score

0.001 EPSS

2023-11-23 12:00 AM
1
thn

AI Solutions Are the New Shadow IT

Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures....

6.2 AI Score

2023-11-22 11:08 AM
42
coalfire

Improving compliance management with mappings and automation

Based on the research in Coalfire's 2023 Securealities Compliance Report, the third blog in this series examines one of the top concerns of CISOs and compliance program managers: realizing the value of a platform to simplify...

7.2 AI Score

2023-11-20 09:53 PM
5
coalfire

Navigating the AI security landscape: The federal push for responsible AI adoption

This blog post discusses the U.S. government's commitment to responsible AI through the Executive Order and proposed legislation, outlines key provisions for AI risk management, highlights efforts to strengthen federal AI governance, and emphasizes Coalfire's role in promoting responsible AI...

7.5 AI Score

2023-11-20 09:38 PM
9
githubexploit

9.8 CVSS

7 AI Score

0.039 EPSS

2023-11-20 06:32 PM
35
nessus

Tenable Nessus < 10.5.7 (TNS-2023-39)

According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 10.5.7. It is, therefore, affected by a vulnerability as referenced in the TNS-2023-39 advisory. An arbitrary file write vulnerability exists where an authenticated, remote attacker with...

6.8 CVSS

6.6 AI Score

0.001 EPSS

2023-11-20 12:00 AM
5
oraclelinux

python27:2.7 security and bug fix update

babel [2.5.1-10] - Fix CVE-2021-20095 Resolves: rhbz#1955615 [2.5.1-9] - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz#1695587 [2.5.1-8] - Fix unversioned requires/buildrequires - Resolves: rhbz#1628242 [2.5.1-7] - Remove unversioned binaries - Resolves: rhbz#1613343...

6.1 CVSS

6.5 AI Score

0.002 EPSS

2023-11-18 12:00 AM
19
oraclelinux

python38:3.8 and python38-devel:3.8 security update

babel Cython mod_wsgi [4.6.8-5] - Remove rpath Resolves: rhbz#2213836 [4.6.8-4] - Core dumped upon file upload >= 1GB Resolves: rhbz#2125171 [4.6.8-3] - Exclude unsupported i686 arch (rhbz#1779142) [4.6.8-2] - Adjusted for Python 3.8 module in RHEL 8 [4.6.8-1] - update to 4.6.8 (#1721376)...

6.1 CVSS

6.9 AI Score

0.027 EPSS

2023-11-18 12:00 AM
6
coalfire

Guardians of IoT: Fortifying the financial sector in the age of IoT

The Internet of Things (IoT) has revolutionized the financial industry, but its associated security vulnerabilities and risks must be addressed to protect sensitive...

7.5 AI Score

2023-11-16 07:19 PM
5
wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (November 6, 2023 to November 12, 2023)

Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Please note there was a minor error in the heading of the email, and this report only runs from November 6th to November 12th. Last week,...

8.8 CVSS

9.7 AI Score

EPSS

2023-11-16 07:16 PM
44
wpvulndb

Social Feed <= 1.5.4.6 - Author+ Stored XSS

Description The plugin does not validate and escape some of its socialfeed shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the Author role and above to perform Stored Cross-Site Scripting...

5.4 CVSS

7.7 AI Score

0.0004 EPSS

2023-11-16 12:00 AM
1
Total number of security vulnerabilities: 12728