EUVD-2021-34636

Malicious code in bioql PyPI...

CVE-2021-4451

The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3. This allows authenticated attackers to perform phar deserialization on the server. This deserialization can allow other plugin or theme exploits if vulnerable softwa...

CVE-2021-4451

The NinjaFirewall WordPress plugin is affected (versions up to and including 4.3.3) by an authenticated PHAR deserialization issue. The underlying deserialization can enable exploits from other plugins/themes if vulnerable software is present. No specific exploit details or remediation are provid...

CVE-2021-4451 NinjaFirewall <= 4.3.3 - Authenticated PHAR Deserialization

The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3. This allows authenticated attackers to perform phar deserialization on the server. This deserialization can allow other plugin or theme exploits if vulnerable softwa...

CVE-2021-4451 NinjaFirewall <= 4.3.3 - Authenticated PHAR Deserialization

The NinjaFirewall plugin for WordPress is vulnerable to Authenticated PHAR Deserialization in versions up to, and including, 4.3.3. This allows authenticated attackers to perform phar deserialization on the server. This deserialization can allow other plugin or theme exploits if vulnerable softwa...

WordPress plugin NinjaFirewall 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

NinjaFirewall < 4.3.4 - Authenticated (admin+) PHAR Deserialization

The plugin was affected by a PHAR deserialisation issue, which may allow admin users to execute arbitrary code on the remote host. The plugin did not have a POP chain available, so another plugin/theme with one would need to be present, other conditions for the attack are described in the vendor'...

WordPress NinjaFirewall plugin <= 4.3.3 - Authenticated PHAR Deserialization vulnerability

Authenticated PHAR Deserialization vulnerability discovered by Chloe Chamberland in WordPress NinjaFirewall plugin versions = 4.3.3. Solution Update the WordPress NinjaFirewall plugin to the latest available version at least 4.3.4...

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...