ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Content Disclosure
Description The plugin does not ensure that post contents to be displayed are public and belong to the plugin, allowing any authenticated user, such as a subscriber, to retrieve the content of arbitrary posts, such as drafts and private posts, via an IDOR vector. Password protected posts are not affected by...
NextGEN Gallery < 3.39 - Admin+ Local File Inclusion
Description The plugin does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks. 1. Create a gallery and upload an image. 2. Add the NextGEN Gallery block to a page and click Edit. Select the Gallery creat...
Accusoft ImageGear pictwread heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1760 Accusoft ImageGear pictwread heap-based buffer overflow vulnerability September 25, 2023 CVE Number CVE-2023-35002 SUMMARY A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted...
Malicious code in pytarlooko (PyPI)
Source: checkmarx 6dddca319cc76ce2f8951f40c21b31bf4a25775212cc5339063154c7aecf052f Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
WordPress Media Library Assistant Plugin <= 3.10 is vulnerable to Cross Site Scripting (XSS)
Software Media Library Assistant Type Plugin Vulnerable versions = 3.10 Fixed in 3.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4716 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4ac4136611fc Credits Lana Codes Require...
Malicious code in pykooler (PyPI)
Source: checkmarx 62467741e97dcaabf79c3644575f93878d1abbf8757c6b67610de40e566ccd4f Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
WordPress Extensions for Leaflet Map Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Extensions for Leaflet Map Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5050 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID acc5ac62f7be Credits Lana Codes...
WordPress Widget Responsive for Youtube Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Widget Responsive for Youtube Type Plugin Vulnerable versions = 1.6.1 Fixed in 1.6.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5063 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 05aea07abadd Credits Lana Codes...
CVE-2023-5054 Super Store Finder <= 6.9.3 - Unauthenticated Email Creation/Sending
The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attacker...
WordPress Poptin Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software Poptin Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4961 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6ca61fb922bb Credits Lana Codes Required privilege...
Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload
Description The plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files, leading to RCE. On a page where there is a form with a Signature field, run the following code in the web developer console while...
WordPress Super Store Finder Plugin <= 6.9.3 is vulnerable to Broken Access Control
Software Super Store Finder Type Plugin Vulnerable versions = 6.9.3 Fixed in 6.9.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-5054 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID 31fa9f5f6872 Credits Etharus Required...
Malicious code in pylioner (PyPI)
Source: checkmarx fc1b84bc437c3cc8804d2ce8eb8462c86b41882106840bf09fbad261fb6a0bb5 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
WordPress Horizontal scrolling announcement Plugin <= 9.2 is vulnerable to SQL Injection
Software Horizontal scrolling announcement Type Plugin Vulnerable versions = 9.2 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-4999 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 360dd90299d7 Credits Lana Codes Required privilege...
MAL-2023-8113 Malicious code in developer-scaffold-full-width-wrapper (npm)
Source: ghsa-malware de16c923e65362f8728b3d71ad9d78042c8f28793d8d720d387faf6316d8b174 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
WordPress WP Customer Reviews Plugin <= 3.6.6 is vulnerable to Cross Site Scripting (XSS)
Software WP Customer Reviews Type Plugin Vulnerable versions = 3.6.6 Fixed in 3.6.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4648 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 36513c06abe2 Credits Marco Wotschka...
WordPress Essential Blocks for Gutenberg Plugin <= 4.2.0 is vulnerable to PHP Object Injection
Software Essential Blocks for Gutenberg Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-4402 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 12450c59ad4b Credits Marco Wotschka Required...
WordPress Essential Blocks Pro Plugin <= 1.1.0 is vulnerable to PHP Object Injection
Software Essential Blocks Pro Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-4386 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID b459be820fbe Credits Marco Wotschka Required privilege...
WordPress WPvivid Backup and Migration Plugin <= 0.9.90 is vulnerable to Privilege Escalation
Software WPvivid Backup and Migration Type Plugin Vulnerable versions = 0.9.90 Fixed in 0.9.91 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2023-41243 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID a9e2cd303432 Credits Nguyen Anh Ti...
WordPress Login with phone number Plugin <= 1.5.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Login with phone number Type Plugin Vulnerable versions = 1.5.6 Fixed in 1.5.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-4916 Patch priority Low CVSS severity Low 8.8 Developer Hamid Alinia PSID af13ecc92bb0 Credits Lana Codes...