WordPress CPT Bootstrap Carousel Plugin <= 1.12 is vulnerable to Cross Site Scripting (XSS)
Software: CPT Bootstrap Carousel; Type: Plugin; Vulnerable versions: <= 1.12; Fixed in: N/A; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4834; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: not listed; PSID: 49016ec732ce; Credits: István Márton...
WordPress MediaElement.js – HTML5 Video & Audio Player Plugin <= 4.2.8 is vulnerable to Cross Site Scripting (XSS)
Software: MediaElement.js – HTML5 Video & Audio Player; Type: Plugin; Vulnerable versions: <= 4.2.8; Fixed in: N/A; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4699; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: not listed; PSID: 2aa0c80da566...
WordPress kingclub-theme Theme < 10 is vulnerable to Arbitrary File Upload
Software: kingclub-theme; Type: Theme; Vulnerable versions: < 10; Fixed in: N/A; OWASP Top 10: A6 Security Misconfiguration; Classification: Arbitrary File Upload; CVE: CVE-2022-0316; Patch priority: High; CVSS severity: High (10); Developer: not listed; PSID: c582a1ee7025; Credits: Joshua Small; Required privilege...
WordPress statfort Theme < 10 is vulnerable to Arbitrary File Upload
Software: statfort; Type: Theme; Vulnerable versions: < 10; Fixed in: N/A; OWASP Top 10: A6 Security Misconfiguration; Classification: Arbitrary File Upload; CVE: CVE-2022-0316; Patch priority: High; CVSS severity: High (10); Developer: not listed; PSID: 68bfdf44186f; Credits: Joshua Small; Required privilege...
WordPress GS Logo Slider Plugin < 3.3.8 is vulnerable to Cross Site Scripting (XSS)
Software: GS Logo Slider; Type: Plugin; Vulnerable versions: < 3.3.8; Fixed in: 3.3.8; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4624; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: not listed; PSID: cf767b7a3829; Credits: István Márton; Require...
WordPress WP Google My Business Auto Publish Plugin < 3.4 is vulnerable to Cross Site Scripting (XSS)
Software: WP Google My Business Auto Publish; Type: Plugin; Vulnerable versions: < 3.4; Fixed in: 3.4; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4790; Patch priority: Medium; CVSS severity: Medium (6.3); Developer: not listed; PSID: d445bdc86be1; Credits: Istvá...
WordPress Passster – Password Protection Plugin < 3.5.5.9 is vulnerable to Broken Access Control
Software: Passster – Password Protection; Type: Plugin; Vulnerable versions: < 3.5.5.9; Fixed in: 3.5.5.9; OWASP Top 10: A5 Broken Access Control; Classification: Broken Access Control; CVE: CVE-2021-24881; Patch priority: Low; CVSS severity: Low (5.3); Developer: Patrick Posner; PSID: 3b75ba83694c; Credits: dc11; Required...
WordPress Genesis Columns Advanced Plugin < 2.0.4 is vulnerable to Cross Site Scripting (XSS)
Software: Genesis Columns Advanced; Type: Plugin; Vulnerable versions: < 2.0.4; Fixed in: 2.0.4; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4706; Patch priority: Medium; CVSS severity: Medium (6.3); Developer: not listed; PSID: f94799f31fa9; Credits: István Márt...
WordPress Top 10 Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)
Software: Top 10; Type: Plugin; Vulnerable versions: < 3.2.3; Fixed in: 3.2.3; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4570; Patch priority: Medium; CVSS severity: Medium (6.3); Developer: WebberZone; PSID: f49ce51b95e1; Credits: István Márton; Required privilege...
WordPress WeStand Theme < 2.1 is vulnerable to Arbitrary File Upload
Software: WeStand; Type: Theme; Vulnerable versions: < 2.1; Fixed in: 2.1; OWASP Top 10: A6 Security Misconfiguration; Classification: Arbitrary File Upload; CVE: CVE-2022-0316; Patch priority: High; CVSS severity: High (10); Developer: not listed; PSID: 225b04e7a551; Credits: Joshua Small; Required privilege...
WordPress Passster – Password Protection Plugin < 3.5.5.8 is vulnerable to Cross Site Scripting (XSS)
Software: Passster – Password Protection; Type: Plugin; Vulnerable versions: < 3.5.5.8; Fixed in: 3.5.5.8; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2021-24837; Patch priority: Medium; CVSS severity: Medium (6.3); Developer: Patrick Posner; PSID: b41d0cd0e690; Credits...
WordPress Word Balloon Plugin < 4.19.3 is vulnerable to Cross Site Scripting (XSS)
Software: Word Balloon; Type: Plugin; Vulnerable versions: < 4.19.3; Fixed in: 4.19.3; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4751; Patch priority: Medium; CVSS severity: Medium (6.5); Developer: not listed; PSID: 147788398dbc; Credits: István Márton; Require...
WordPress User Verification Plugin < 1.0.94 is vulnerable to Bypass Vulnerability
Software: User Verification; Type: Plugin; Vulnerable versions: < 1.0.94; Fixed in: 1.0.94; OWASP Top 10: A2 Broken Authentication; Classification: Bypass Vulnerability; CVE: CVE-2022-4693; Patch priority: High; CVSS severity: High (9.6); Developer: not listed; PSID: 89cd3dc7d831; Credits: István Márton; Required...
WordPress Print-O-Matic Plugin < 2.1.8 is vulnerable to Cross Site Scripting (XSS)
Software: Print-O-Matic; Type: Plugin; Vulnerable versions: < 2.1.8; Fixed in: 2.1.8; OWASP Top 10: A7 Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2022-4753; Patch priority: Medium; CVSS severity: Medium (6.3); Developer: not listed; PSID: 27083e2d8927; Credits: István Márton; Required...
Upgraded Q -> M from #4 [1671756144822]
Judge has assessed an item in Issue 4 as M risk. The relevant finding follows: GroupBuy: Insertion timestamp ignored The documentation states that "If the users have the same quantity as well, the bid that was placed later will have Raes removed.". However, with the current implementation, this i...
Priority queue min accounting breaks when nodes are split in two
Lines of code / Vulnerability details: The README states "If two users place bids at the same price but with different quantities, the queue will pull from the bid with a higher quantity first", but the data structure used for implementing this logic is not used properly and essentially has its data...
Bids are wrongly ordered when prices and quantities are equal.
Lines of code / Vulnerability details: Description: In GroupBuy, when the total amount of Raes is filled up with purchases, users start competing with higher price offers. Their bids are laid out in a min priority queue structure implemented in MinPriorityQueue.sol. The docs clearly state that when two...
This Week in Spring - December 13th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! I truly, absolutely, can not believe that we're nearly done with the year already! Have you made your new year's resolutions? Submitted your expense reports? It's that time of the year when I'm going to start focusing on staying...
kernel: sched/fair: Fix fault in reweight_entity
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix fault in reweight_entity. Syzbot found a GPF in reweight_entity. This has been bisected to commit 4ef0c5c6b5ba "kernel/sched: Fix sched_fork access an invalid sched_task_group". There is a race between sched_post_fork and...
BLOCK_PERIOD is incorrect
Lines of code / Vulnerability details: The BLOCK_PERIOD is set to 13 seconds in Config.sol: uint256 constant BLOCK_PERIOD = 13 seconds; Since moving to Proof-of-Stake (PoS) after the Merge, block times on Ethereum are fixed at 12 seconds per slot. Impact: This results in incorrect calculation of...