WordPress Profile Builder Plugin <= 3.10.7 is vulnerable to Insecure Direct Object References (IDOR)
Software: Profile Builder; Type: Plugin; Vulnerable versions: <= 3.10.7; Fixed in: 3.10.8; OWASP Top 10: A1: Broken Access Control; Classification: Insecure Direct Object References (IDOR); CVE: CVE-2023-6504; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim ownership; PSID: 4a72357868f4; Credits: Francesco...
How AI hallucinations are making bug hunting harder
Bug bounty programs that pay people for finding bugs are a very useful tool for improving the security of software. But with the availability of artificial intelligence (AI), as seen in popular large language models (LLMs) like ChatGPT, Bard, and others, it looks like there is a new problem on the...
Woostify Sites Library < 1.4.8 - Subscriber+ Arbitrary Options Update to DoS
Description: The plugin does not have authorisation in an AJAX action, allowing any authenticated user, such as a subscriber, to update arbitrary blog options and set them to 'activated', which could lead to DoS when using a specific option name. Login as subscriber, open...
WordPress WooCommerce Tranzila Gateway Plugin <= 1.0.8 is vulnerable to PHP Object Injection
Software: WooCommerce Tranzila Gateway; Type: Plugin; Vulnerable versions: <= 1.0.8; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: PHP Object Injection; CVE: CVE-2023-52218; Patch priority: High; CVSS severity: High (10); Developer: Claim ownership; PSID: 69111059637e; Credits: Rafie Muhammad Patchstack...
WordPress Quiz Maker Plugin <= 6.5.1.1 is vulnerable to Broken Access Control
Software: Quiz Maker; Type: Plugin; Vulnerable versions: <= 6.5.1.1; Fixed in: 6.5.1.2; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-21743; Patch priority: Medium; CVSS severity: Medium (4.3); Developer: Claim ownership; PSID: a1ecb2fb052d; Credits: Abdi Pranata; Required...
WordPress Weaver Xtreme Theme <= 6.3.0 is vulnerable to Cross Site Scripting (XSS)
Software: Weaver Xtreme; Type: Theme; Vulnerable versions: <= 6.3.0; Fixed in: 6.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-6990; Patch priority: Low; CVSS severity: Low (5.4); Developer: Claim ownership; PSID: 5fb809beeb50; Credits: Francesco Carlucci; Required...
WordPress Booster Plus for WooCommerce Plugin < 7.1.3 is vulnerable to Sensitive Data Exposure
Software: Booster Plus for WooCommerce; Type: Plugin; Vulnerable versions: < 7.1.3; Fixed in: 7.1.3; OWASP Top 10: A1: Broken Access Control; Classification: Sensitive Data Exposure; CVE: CVE-2023-52230; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: Claim ownership; PSID: 715c035601b4; Credits: Dave Jong...
@backstage/backend-app-api leaks GitLab access tokens
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64-encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...
GHSA-86RG-PF4C-5GRG @backstage/backend-app-api leaks GitLab access tokens
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64-encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...
CVE-2023-6944
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64-encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...
Code injection
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64-encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...
CVE-2023-6944
CVE-2023-6944 affects Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 GitLab token ends with a newline, causing the sanitized error to reveal the raw token. With access to the token and appropriate permissions, an attacker could...
CVE-2023-6944 Rhdh: catalog-import function leaks credentials to frontend
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64-encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...
WordPress Page Builder: Live Composer Plugin <= 1.5.23 is vulnerable to Cross Site Scripting (XSS)
Software: Page Builder: Live Composer; Type: Plugin; Vulnerable versions: <= 1.5.23; Fixed in: 1.5.24; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-52193; Patch priority: Low; CVSS severity: Low (6.5); Developer: Claim ownership; PSID: 70cd66e65bfa; Credits: Ngô Thiên An (ancorn) from...
GitLab 11.0 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39944)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A...
WordPress WP SMS Plugin <= 6.5 is vulnerable to SQL Injection
Software: WP SMS; Type: Plugin; Vulnerable versions: <= 6.5; Fixed in: 6.5.1; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-6981; Patch priority: Low; CVSS severity: Low (7.6); Developer: Claim ownership; PSID: 0cdcc4de6b6a; Credits: Krzysztof Zając; Required privilege: Administrator; Published: 3...
WordPress WooCommerce Conversion Tracking Plugin <= 2.0.11 is vulnerable to Broken Access Control
Software: WooCommerce Conversion Tracking; Type: Plugin; Vulnerable versions: <= 2.0.11; Fixed in: 2.0.12; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-52217; Patch priority: Medium; CVSS severity: Medium (4.3); Developer: Claim ownership; PSID: 83cd471b97c1; Credits: Abdi...
WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Plugin <= 4.3.0 is vulnerable to Broken Access Control
Software: WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels; Type: Plugin; Vulnerable versions: <= 4.3.0; Fixed in: 4.3.1; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-7068; Patch priority: Low; CVSS severity: Low (4.3); Developer: Claim...