
ThreatPost
added 2020/11/06 9:56 p.m.

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. This can lead to payment skimmers being installed, crashing of the site or information retrieval via SQL injection, researchers said. Welcart e-Commerce is a free WordPress plugin that has more than...

AI score: 1.1
Exploits: 0 · References: 11
Positive Technologies
added 2020/11/04 12:00 a.m.

PT-2020-15550 · Jenkins · Jenkins Static Analysis Utilities Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Static Analysis Utilities Plugin versions 1.96 and earlier. Description: The issue is a stored cross-site scripting (XSS) vulnerability. It occurs because the annotation message in tooltips is not properly escaped, allowing...

CVSS: 5.4 · AI score: 5 · EPSS: 0.00246
Exploits: 0 · References: 8
OSV
added 2020/10/02 5:15 a.m.

CVE-2020-26511

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...

CVSS: 7.5 · AI score: 7.1 · EPSS: 0.00536
Exploits: 0 · References: 4
CNVD
added 2020/09/17 12:00 a.m.

Unspecified Vulnerability in CloudBees Jenkins Repository Connector Plugin

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/test builds and some scheduled tasks. Repository Connector Plugin is used in one of...

CVSS: 5.3 · AI score: 6.8 · EPSS: 0.00027
Exploits: 0 · References: 1
Positive Technologies
added 2020/09/16 12:00 a.m.

PT-2020-15478 · Jenkins · Jenkins Blue Ocean Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Blue Ocean Plugin versions 1.23.2 and earlier. Description: The issue concerns an undocumented feature flag that allows an attacker with specific permissions to read arbitrary files on the Jenkins controller file system. The flag...

CVSS: 6.5 · AI score: 6.2 · EPSS: 0.02419
Exploits: 0 · References: 7
CNVD
added 2020/09/09 12:00 a.m.

CloudBees Jenkins XSS Vulnerability (CNVD-2020-51387)

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/test builds and some scheduled tasks. LTS is a long-term support for...

CVSS: 6.1 · AI score: 6.5 · EPSS: 0.00258
Exploits: 0 · References: 1
Positive Technologies
added 2020/08/26 12:00 a.m.

PT-2020-15679 · Fahad Mahmood · Fahad Mahmood Rss Feed Widget Plugin

Name of the Vulnerable Software and Affected Versions: Fahad Mahmood RSS Feed Widget Plugin versions 2.7.9 and lower. Description: The issue is a reflected XSS vulnerability. It occurs because the value of the t GET parameter is not sanitized before being echoed back inside an input tag...

CVSS: 6.1 · AI score: 5.9 · EPSS: 0.0023
Exploits: 2 · References: 4
RedHat Linux
added 2020/08/18 5:04 a.m.

jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps

Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps...

CVSS: 6.5 · AI score: 6.7 · EPSS: 0.001
Exploits: 0 · References: 5
CNVD
added 2020/08/14 12:00 a.m.

CloudBees Jenkins Pipeline Maven Integration Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/test builds and some scheduled tasks. Pipeline Maven Integration Plugin is used ...

CVSS: 6.5 · AI score: 6.8 · EPSS: 0.0041
Exploits: 0 · References: 1
WPVulnDB
added 2020/08/11 12:00 a.m.

Add From Server <= 3.3.3 - Authenticated Path Traversal to Arbitrary File Access

An authenticated attacker with low privileges can read arbitrary files on the server using path traversal. The plugin author states that this is by design and that the plugin should not be used. Please refer to the references. PoC: http://example.com/wp-admin/upload.php?page=add-from-server=/...

AI score: 2.7
Exploits: 0 · References: 2 · Affected software: 1
ThreatPost
added 2020/08/04 6:11 p.m.

Newsletter WordPress Plugin Opens Door to Site Takeover

Newsletter, a WordPress plugin with more than 300,000 installations, has a pair of vulnerabilities that could lead to code-execution and even site takeover. The Newsletter plugin offers site admins a visual editor that can be used to create newsletters and email campaigns from within WordPress...

EPSS: 0.25485
Exploits: 0 · References: 9
CVE
added 2020/07/27 1:36 p.m.

CVE-2020-15593

CVE-2020-15592/15593 (SteelCentral Aternity Agent 11.0.0.120, Windows) : The NVD entries describe a privilege-escalation and code-execution risk due to insecure inter-process communication. An IPC channel (AternityAgentAssistantIpc) allows any system user to retrieve a serialized object and remot...

CVSS: 7.8 · AI score: 7.5 · EPSS: 0.0005
Exploits: 1 · References: 2 · Affected software: 1
WPVulnDB
added 2020/07/14 12:00 a.m.

Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass

The plugin is affected by a loose comparison issue, which could allow any user to log in as administrator. PoC: An attacker can manipulate $GET'algwcevverifyemail' and set this payload: eyJpZCI6MSwiY29kZSI6MH0= Example: https://example.com/my-account/?algwcevverifyemail=eyJpZCI6MSwiY29kZSI6MH0=...

AI score: 1.3
Exploits: 0 · References: 1 · Affected software: 2
0day.today
added 2020/07/09 12:00 a.m.

WordPress Powie WHOIS Domain Check 0.9.31 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for PHP platform in category web applications. Exploit Title: WordPress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting. Vendor Homepage: https://powie.de Vendor Changelog: https://wordpress.org/plugins/powies-whois/developers Software Link:...

Exploits: 0
OSV
added 2020/06/30 11:15 p.m.

CVE-2020-5972

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10....

CVSS: 7.1 · AI score: 7 · EPSS: 0.0005
Exploits: 0 · References: 1
RedHat Linux
added 2020/06/29 2:37 p.m.

jenkins-subversion-plugin: XSS in project repository base url

Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...

CVSS: 5.4 · AI score: 7 · EPSS: 0.0007
Exploits: 0 · References: 5
WPVulnDB
added 2020/05/29 12:00 a.m.

Multi Scheduler <= 1.0.0 - Arbitrary Record Deletion via CSRF

The lack of a CSRF check could allow an attacker to delete arbitrary records from the plugin (for example, Professional ones) via a CSRF attack. The issue is not patched and has been escalated to the WP plugins team on May 29th, 2020. PoC: The PoC will be displayed once the issue has been remediated...

CVSS: 4.3 · AI score: 6.3 · EPSS: 0.0044
Exploits: 2 · References: 1 · Affected software: 1
Prion
added 2020/05/28 4:15 a.m.

Design/Logic Flaw

An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The faroptionspage function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript,...

CVSS: 6.8 · AI score: 8.6 · EPSS: 0.00109
Exploits: 2 · References: 2 · Affected software: 1
NVD
added 2020/05/25 11:15 p.m.

CVE-2020-13486

The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...

CVSS: 6.1 · AI score: 6.3 · EPSS: 0.002
Exploits: 0 · References: 1
Prion
added 2020/05/17 1:15 a.m.

Design/Logic Flaw

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled...

CVSS: 6.4 · AI score: 7.9 · EPSS: 0.67023
Exploits: 1 · References: 2 · Affected software: 1