WordPress Motors plugin <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title vulnerability

Authenticated Subscriber+ Arbitrary Shortcode Execution via Custom Title vulnerability discovered by WordFence in WordPress Plugin Motors versions = 1.4.43...

PT-2024-37569 · Wbw · The Product Table

Name of the Vulnerable Software and Affected Versions: The Product Table by WBW plugin for WordPress version 2.0.1 and earlier Description: The issue is related to Remote Code Execution due to missing authorization and lack of sanitization of appended data in the languages/customTitle.php file...

CVE-2023-27890

The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

Shellcode - Win32 MessageBox Metasploit module

Shellcode - Win32 MessageBox Metasploit module. Shellcode exploit for win32 platform $Id: messagebox.rb 4 2010-02-26 00:28:00:00Z corelanc0d3r & rick2600 $ Installation instructions : Drop file in framework3/modules/payloads/singles/windows folder Usage : ./msfpayload windows/messagebox...