Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment

Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databases EC2 instances Redshift Databases Poro also check if a tag you specify is applied to identified public resources using --tag-key and --tag-value arguments...

WordPress Enlighten theme <= 1.3.5 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress Enlighten theme versions = 1.3.5. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...

WordPress Enlighten theme <= 1.3.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Enlighten theme versions = 1.3.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores t...

Enlighten Manager - Unsafe deleting, WebView JavaScript enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Enlighten Manager published at the 'play' market has multiple vulnerabilities...