7703 matches found
PT-2023-30678 · Cybrosys Techno Solutions · Cybrosys Techno Solutions Website Blog Search
Name of the Vulnerable Software and Affected Versions: Cybrosys Techno Solutions Website Blog Search (aka website_search_blog) versions 13.0 through 13.0.1.0.1. Description: A SQL injection issue allows a remote attacker to execute arbitrary code and gain privileges via the name parameter in the...
CVE-2023-48049
CVE-2023-48049 affects Cybrosys Techno Solutions Website Blog Search (aka website_search_blog) versions 13.0–13.0.1.0.1. The issue is a SQL injection in the name parameter of the controllers/main.py component, allowing a remote attacker to execute arbitrary code and gain privileges. Impact is des...
blog.essense-of-life.com Improper Access Control vulnerability OBB-3807352
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Beers with Talos episode 141: The TurkeyLurkey Man wants YOU to read Talos' Year in Review report
In this episode the Beers with Talos team, led by special guest Dave Liebenberg, set out to save Thanksgiving. The TurkeyLurkey man is the hero that everybody needs, but perhaps don't deserve. For fans and opposers of Dave's Ranksgiving list, you'll be pleased to know he's back with a whole new order...
Multiple Vulnerabilities In Extreme Networks ExtremeXOS
The post Multiple Vulnerabilities In Extreme Networks ExtremeXOS appeared first on Rhino Security Labs...
CVE-2023-5952
The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...
October CMS 3.4.0 Category Cross Site Scripting
OctoberCMS v3.4.0 Category Stored Cross-Site Scripting Vulnerability. Vendor: October CMS. Product web page: https://www.octobercms.com. Affected version: 3.4.0. Summary: OctoberCMS is a self-hosted content management system (CMS) based on the PHP programming language and Laravel web application...
October CMS 3.4.0 Blog Cross Site Scripting
OctoberCMS v3.4.0 Blog Stored Cross-Site Scripting Vulnerabilities. Vendor: October CMS. Product web page: https://www.octobercms.com. Affected version: 3.4.0. Summary: OctoberCMS is a self-hosted content management system (CMS) based on the PHP programming language and Laravel web application framewor...
CS Money: Authentication Bypass to (CVE-2023-2982)
An authentication bypass vulnerability was discovered in an older version of the WordPress plugin WordPress Social Login and Register Discord, Google, Twitter, LinkedIn...
CVE-2023-48281
Cross-Site Request Forgery (CSRF) vulnerability in Super Blog Me Broken Link Checker for YouTube allows Cross Site Request Forgery. This issue affects Broken Link Checker for YouTube: from n/a through 1.3...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Super Blog Me Broken Link Checker for YouTube allows Cross Site Request Forgery. This issue affects Broken Link Checker for YouTube: from n/a through 1.3...
CVE-2023-48281
CVE-2023-48281 concerns the WordPress plugin Broken Link Checker for YouTube. A CSRF flaw affects versions
PT-2023-30756 · Unknown · Super Blog Me Broken Link Checker For Youtube
Name of the Vulnerable Software and Affected Versions: Super Blog Me Broken Link Checker for YouTube versions 1.3 and earlier. Description: A Cross-Site Request Forgery (CSRF) issue affects the software, allowing unauthorized actions. This is a type of attack where an attacker tricks a user into...
Digital Car Keys Are Coming
Soon we will be able to unlock and start our cars from our phones. Let's hope people are thinking about security...
Blog Filter < 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'AWL-BlogFilter' shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2023-5815
The News & Blog Designer Pack – WordPress Blog Plugin — Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdpgetmorepost...
CVE-2023-5815
The News & Blog Designer Pack WordPress plugin (
Defeat Web Shell WSO-NG
...
WordPress Plugin News & Blog Designer Pack Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...
Inside the Operation to Bring Down Trump’s Truth Social
The North Atlantic Fellas Organization is trying to shut down Trump’s flailing social media platform before the 2024 election—by shitposting...