6234 matches found

NVD
added 2023/01/05 7:15 p.m. · 41 views

CVE-2022-23549

Discourse is an open source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...

CVSS 6.5 · AI score 5.7 · EPSS 0.00575
Exploits: 0 · References: 2
OSV
added 2023/01/05 12:00 a.m. · 31 views

CVE-2022-23549 Discourse vulnerable to bypass of post max_length using HTML comments

Discourse is an open source discussion platform. Prior to version 2.8.14 on the stable branch and version 2.9.0.beta16 on the beta and tests-passed branches, users can create posts with raw body longer than the maxlength site setting by including html comments that are not counted toward the...

CVSS 5.7 · AI score 6.2 · EPSS 0.00575
Exploits: 0 · References: 4
CNNVD
added 2023/01/05 12:00 a.m. · 4 views

Discourse information disclosure vulnerability

Discourse is an open source community discussion platform. The platform includes features such as communities, email, and chat rooms. Discourse suffers from an information disclosure vulnerability that stems from the number of times it allows users posted in any thread to be exposed to unauthoriz...

CVSS 5.3 · AI score 5.6 · EPSS 0.0058
Exploits: 0 · References: 3
wpexploit
added 2023/01/04 12:00 a.m. · 121 views

Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

CVSS 7.2 · AI score 1.1 · EPSS 0.01046
Exploits: 2
WPVulnDB
added 2023/01/04 12:00 a.m. · 17 views

Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

CVSS 7.2 · AI score 1.9 · EPSS 0.01046
Exploits: 2 · Affected Software: 1
Patchstack
added 2023/01/04 12:00 a.m. · 17 views

WordPress Revive Old Posts Plugin < 9.0.11 is vulnerable to PHP Object Injection

Software: Revive Old Posts · Type: Plugin · Vulnerable versions: 9.0.11 · Fixed in: 9.0.11 · OWASP Top 10: A1: Injection · Classification: PHP Object Injection · CVE: CVE-2022-4680 · Patch priority: Low · CVSS severity: Low 4.4 · Developer: Claim ownership · PSID: a37521b3e635 · Credits: Nguyen Huu Do · Required privilege...

CVSS 7.2 · AI score 6.8 · EPSS 0.01046
Exploits: 2 · References: 3 · Affected Software: 1
Veracode
added 2023/01/02 11:21 a.m. · 16 views

Improper Authentication

github.com/usememos/memos is vulnerable to improper authentication. Improper authentication allows an attacker to delete posts on the user's behalf...

CVSS 6.5 · AI score 6.4 · EPSS 0.00762
Exploits: 1 · References: 4 · Affected Software: 1
Veracode
added 2023/01/02 9:51 a.m. · 19 views

Improper Authentication

github.com/usememos/memos is vulnerable to improper authentication. Improper restriction of excessive authentication attempts allows an attacker to delete posts on the user's behalf...

CVSS 4.3 · AI score 5.2 · EPSS 0.00713
Exploits: 1 · References: 4 · Affected Software: 1
Huntr
added 2022/12/29 6:43 p.m. · 13 views

Privilege escalation: low-access user can view Admin PRIVATE POST by using PIN functionality

Description: Due to the privilege escalation issue, a low-access user can view an Admin PRIVATE POST by abusing the PIN functionality. The PIN functionality is used to pin any post to the TOP; by using it, a low-privilege attacker can view other, higher-privilege users' PRIVATE POSTs, as per the flow it is not PINNING any...

CVSS 6.5 · AI score 7.1 · EPSS 0.00701
Exploits: 1
CNNVD
added 2022/12/29 12:00 a.m. · 3 views

memos security vulnerability

memos is an open source hosted meme center with knowledge management and social features. A security vulnerability exists in memos, which can be exploited by an attacker to post messages in the memos page...

CVSS 9.8 · AI score 7.3 · EPSS 0.00772
Exploits: 1 · References: 3
wpexploit
added 2022/12/29 12:00 a.m. · 417 views

Top 10 < 3.2.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its Block attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert a Top 1...

CVSS 5.4 · AI score 0.5 · EPSS 0.00471
Exploits: 2
Github Security Blog
added 2022/12/28 3:30 p.m. · 22 views

usememos/memos has Insufficient Granularity of Access Control

usememos/memos 0.9.0 and prior allows an attacker to archive any user's public or private post...

CVSS 8.2 · AI score 5.5 · EPSS 0.00681
Exploits: 1 · References: 4 · Affected Software: 1
Positive Technologies
added 2022/12/28 12:00 a.m. · 3 views

PT-2022-28102 · Unknown · Usememos/Memos

Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1. Description: The issue is related to insufficient granularity of access control, allowing an attacker to archive any user's public or private post. This affects the usememos/memos GitHub repository...

CVSS 8.2 · AI score 8.3 · EPSS 0.00681
Exploits: 1 · References: 10
CNNVD
added 2022/12/28 12:00 a.m. · 4 views

memos authorization vulnerability

memos is an open source hosted meme center with knowledge management and social features. An authorization vulnerability exists in memos versions prior to 0.9.1, which can be exploited by an attacker to archive any public or private post using IDOR...

CVSS 8.2 · AI score 6.8 · EPSS 0.00681
Exploits: 1 · References: 3
GithubExploit
added 2022/12/27 4:09 p.m. · 6 views

threat-intel

threat-intel This repository contains supplemental items inclu...

AI score 5.8
Exploits: 0
Prion
added 2022/12/26 1:15 p.m. · 17 views

Heap overflow

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...

CVSS 4 · AI score 6.5 · EPSS 0.00593
Exploits: 2 · References: 1 · Affected Software: 1
Cvelist
added 2022/12/26 12:28 p.m. · 32 views

CVE-2022-4239 Workreap < 2.6.4 - Subscriber+ Arbitrary Posts Deletion via IDOR

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...

AI score 6.7 · EPSS 0.00593
Exploits: 2 · References: 1
CNNVD
added 2022/12/26 12:00 a.m. · 4 views

WordPress theme Workreap security vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme Workreap versions prior to 2.6.4. An...

CVSS 6.5 · AI score 6.5 · EPSS 0.00593
Exploits: 2 · References: 2
OSV
added 2022/12/19 2:15 p.m. · 7 views

CVE-2022-4024

The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users along with their posts...

CVSS 6.5 · AI score 5.9 · EPSS 0.00334
Exploits: 2 · References: 1
Cvelist
added 2022/12/19 1:41 p.m. · 26 views

CVE-2022-4024 Pie Register < 3.8.1.3 - Unauthenticated Arbitrary User Deletion

The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users along with their posts...

AI score 6.8 · EPSS 0.00334
Exploits: 2 · References: 1