User Profile & Membership Security Vulnerabilities

Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows...

CVE-2024-5149

The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email...

WP-Recall – Registration, Profile, Commerce & More <= 16.26.6 - Unauthenticated Payment Deletion via delete_payment

Description The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'delete_payment' function in all versions up to, and including, 16.26.6. This makes it possible for unauthenticated attackers.....

openSUSE: Security Advisory for glibc (SUSE-SU-2024:1895-1)

The remote host is missing an update for...

TikTok Hack Targets ‘High-Profile’ Users via DMs

TikTok has confirmed a “potential exploit” that is being used to go after accounts belonging to media organizations and celebrities, including CNN and Paris Hilton, through direct...

CVE-2023-47837

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-47837

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-47837 WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

CVE-2023-47837 WordPress ARMember plugin <= 4.0.10 - Membership Plan Bypass vulnerability

Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glibc (SUSE-SU-2024:1895-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1895-1 advisory. - CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423) -....

Exploit for Missing Authorization in Myeventon Eventon

...

Security Bulletin: Denial of Service vulnerability in WebSphere Liberty affects IBM Business Automation Workflow - CVE-2024-27270

Summary IBM WebSphere Application Server Liberty profile is shipped with IBM Business Automation Workflow components User Management Service and Process Federation Service. Liberty is also used in containerized versions of IBM Business Automation Workflow. Liberty is vulnerable to a cross-site...

Security Bulletin: Denial of Service vulnerability in WebSphere Liberty affects IBM Business Automation Workflow - CVE-2024-22353

Summary IBM WebSphere Application Server Liberty profile is shipped with IBM Business Automation Workflow components User Management Service and Process Federation Service. Liberty is also used in containerized versions of IBM Business Automation Workflow. Liberty is vulnerable to a denial of...

Security Bulletin: Weaker than expected security vulnerability affect IBM Business Automation Workflow - CVE-2024-22329

Summary IBM WebSphere Application Server Liberty profile is shipped with Process Federation Server and User Management Services in IBM Business Automation Workflow traditional. IBM Business Automation Workflow containers build upon IBM WebSphere Liberty profile. Information about a security...

Security Bulletin: Weaker than expected security vulnerability affect IBM Business Automation Workflow - CVE-2023-50312

Summary IBM WebSphere Application Server Liberty profile is shipped with Process Federation Server and User Management Services in IBM Business Automation Workflow traditional. IBM Business Automation Workflow containers build upon IBM WebSphere Liberty profile. Information about a security...

Security Bulletin: Weaker than expected security vulnerability affect IBM Business Automation Workflow - CVE-2024-25026

Summary IBM WebSphere Application Server Liberty profile is shipped with Process Federation Server and User Management Services in IBM Business Automation Workflow traditional. IBM Business Automation Workflow containers build upon IBM WebSphere Liberty profile. Information about a security...

Security Bulletin: Weaker than expected security vulnerability affect IBM Business Automation Workflow - CVE-2024-22329

Summary IBM WebSphere Application Server Liberty profile is shipped with Process Federation Server and User Management Services in IBM Business Automation Workflow traditional. IBM Business Automation Workflow containers build upon IBM WebSphere Liberty profile. Information about a security...

Security Bulletin: Denial of Service vulnerability in WebSphere Liberty affects IBM Business Automation Workflow - CVE-2024-27268

Summary IBM WebSphere Application Server Liberty profile is shipped with IBM Business Automation Workflow components User Management Service and Process Federation Service. Liberty is also used in containerized versions of IBM Business Automation Workflow. Liberty is vulnerable to a denial of...

Security Bulletin: Denial of Service vulnerability in WebSphere Liberty affects IBM Business Automation Workflow - CVE-2023-51775

Summary IBM WebSphere Application Server Liberty profile is shipped with IBM Business Automation Workflow components User Management Service and Process Federation Service. Liberty is also used in containerized versions of IBM Business Automation Workflow. Liberty is vulnerable to a denial of...

Insufficiently Protected Credentials

SimpleSAMLphp is vulnerable to Insufficiently Protected Credentials. The vulnerability is due to credentials being insecurely saved to the user's session state when the ECP profile is disabled but supported in the Identity Provider's metadata, which could result in an attacker with administrator...

Exploit for CVE-2024-4956

...

RHEL 8 : perl-dbi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-dbi: Buffer overflow on an overlong DBD class name (CVE-2020-14393) An issue was discovered in the...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1800)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...

RHEL 5 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sssd: information leak from the sssd-sudo responder (CVE-2018-10852) The System Security Services Daemon...

RHEL 8 : fop (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. batik: Server-Side Request Forgery vulnerability (CVE-2022-44729) Server-Side Request Forgery (SSRF)...

SUSE: Security Advisory (SUSE-SU-2024:1895-1)

The remote host is missing an update for...

ORing IAP-420 2.01e Cross Site Scripting / Command Injection Vulnerabilities

...

CVE-2024-4958

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This makes it...

CVE-2024-4958

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This makes it...

CVE-2024-4958 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.2.0.1 - Missing Authorization to Privilege Escalation

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This makes it...

CVE-2024-4958 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.2.0.1 - Missing Authorization to Privilege Escalation

The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This makes it...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

...

New banking trojan “CarnavalHeist” targets Brazil with overlay attacks

Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...

Exploit for Improper Authentication in Ivanti Connect Secure

...

User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin < 3.2.1 - Missing Authorization to Privilege Escalation

Description The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This....

Exploit for CVE-2024-1208

...

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by...

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

TYPO3 Cross-Site Scripting in Frontend User Login

Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile. Template.....

TYPO3 Cross-Site Scripting in Frontend User Login

Failing to properly encode user input, login status display is vulnerable to cross-site scripting in the website frontend. A valid user account is needed in order to exploit this vulnerability - either a backend user or a frontend user having the possibility to modify their user profile. Template.....

Exploit for Cross-site Scripting in Cpanel

...

Code injection in the way Symfony implements translation caching in FrameworkBundle

When investigating issue #11093, Jeremy Derussé found a serious code injection issue in the way Symfony implements translation caching in FrameworkBundle. Your Symfony application is vulnerable if you meet the following conditions: You are using the Symfony translation system from...

Code injection in the way Symfony implements translation caching in FrameworkBundle

When investigating issue #11093, Jeremy Derussé found a serious code injection issue in the way Symfony implements translation caching in FrameworkBundle. Your Symfony application is vulnerable if you meet the following conditions: You are using the Symfony translation system from...

SUSE SLES15 / openSUSE 15 Security Update : warewulf4 (SUSE-SU-2024:1838-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1838-1 advisory. - fixed wwctl configure --all doesn't configure ssh (bsc#1225402) - update to 4.5.2 with following changes: * Reorder dnsmasq config to...

UserPro < 5.1.9 - Unauthenticated Account Takeover to Privilege Escalation

Description The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthenticated account takeover in all versions up to, and including 5.1.8. This makes it possible for unauthenticated attackers to take over user accounts and gain highly privileged access....

ORing IAP-420 2.01e Cross Site Scripting / Command Injection

...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2023-51775, CVE-2024-22354)

Summary IBM WebSphere Application Server (WAS) is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletin(s) listed in the Remediation/Fixes section....