
16 matches found

WPVulnDB
added 2020/06/11 12:0 a.m. | 45 views

WordPress < 5.4.2 - Misuse of set-screen-option Leading to Privilege Escalation

Description: Props to Simon Scannell of RIPS Technologies for finding an issue where set-screen-option can be misused by plugins leading to privilege escalation...

CVSS 6 | AI score 5.2 | EPSS 0.02416
Exploits: 0 | References: 3

ripstech
added 2019/10/31 11:0 a.m. | 35 views

Official Code Analysis Partner for TYPO3

RIPS Technologies and TYPO3 are proud to announce their new technical partnership. TYPO3 will be using RIPS industry-leading code analysis solution to continuously scan the TYPO3 code base for security vulnerabilities and weaknesses. CEO Johannes Dahse explains: “This partnership represents anoth...

AI score 7.2
Exploits: 0

The Hacker News
added 2019/07/30 4:23 p.m. | 109 views

Critical Flaws in 'OXID eShop' Software Expose eCommerce Sites to Hacking

If your e-commerce website runs on the OXID eShop platform, you need to update it immediately to prevent your site from becoming compromised. Cybersecurity researchers have discovered a pair of critical vulnerabilities in OXID eShop e-commerce software that could allow unauthenticated attackers t...

CVSS 9.8 | AI score 1.1 | EPSS 0.00307
Exploits: 0

Patchstack
added 2019/02/28 12:0 a.m. | 109 views

WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution vulnerability

Authenticated Code Execution vulnerability discovered by Simon Scannell (RIPS Technologies) in WordPress versions 3.7-5.0, except 4.9.9. Solution: Update WordPress to the latest available version (at least 5.0.1 or 4.9.9)...

CVSS 8.8 | AI score 3.9 | EPSS 0.9373
Exploits: 10 | References: 4 | Affected Software: 1

WPVulnDB
added 2018/12/13 12:0 a.m. | 21 views

WordPress <= 5.0 - Authenticated Post Type Bypass

Description: According to WordPress: "Simon Scannell of RIPS Technologies discovered that authors could create posts of unauthorized post types with specially crafted input."...

CVSS 6.5 | AI score 7.6 | EPSS 0.11676
Exploits: 0 | References: 2

Patchstack
added 2018/12/13 12:0 a.m. | 34 views

WordPress <= 5.0 - Authenticated Post Type Bypass vulnerability

Authenticated Post Type Bypass vulnerability found by RIPS Technologies in WordPress versions <= 5.0. Solution: Update WordPress to the latest available version (at least 5.0.1)...

AI score 3
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2018/12/12 12:0 a.m. | 8 views

WordPress Jetpack plugin <= 6.4.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by RIPS Technologies in WordPress Jetpack plugin versions <= 6.4.2. Solution: Update the WordPress Jetpack plugin to the latest available version (at least 6.5)...

AI score 1.9
Exploits: 0 | Affected Software: 1

WPVulnDB
added 2018/12/10 12:0 a.m. | 79 views

Contact Form by WPForms < 1.4.8.1 - Unauthenticated Cross-Site Scripting (XSS)

RIPS Technologies identified an Unauthenticated Cross-Site Scripting (XSS) vulnerability within the WPForms WordPress plugin during their WordPress Security Calendar 2018 research. The date parameter was embedded within JavaScript code without any validation or encoding...

AI score 1.2
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack
added 2018/12/10 12:0 a.m. | 11 views

WordPress Smush Image Compression and Optimization plugin <= 2.9.1 - Authenticated XSS & Phar Deserialization vulnerabilities

Authenticated XSS & Phar Deserialization vulnerabilities found by RIPS Technologies in WordPress Smush Image Compression and Optimization plugin versions <= 2.9.1. Solution: Update the WordPress Smush Image Compression and Optimization plugin to the latest available version (at least 3.0.0)...

AI score 3.4
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2018/12/07 12:0 a.m. | 9 views

WordPress WP Mail SMTP by WPForms plugin <= 1.3.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by RIPS Technologies in WordPress WP Mail SMTP by WPForms plugin versions <= 1.3.3. Solution: Update the WordPress WP Mail SMTP by WPForms plugin to the latest available version (at least 1.4.0)...

AI score 1.5
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2018/12/07 12:0 a.m. | 10 views

WordPress Google Analytics by Monster Insights plugin <= 7.1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by RIPS Technologies in WordPress Google Analytics by Monster Insights plugin versions <= 7.1.0. Solution: Update the WordPress Google Analytics by Monster Insights plugin to the latest available version (at least 7.2.0)...

AI score 2.2
Exploits: 0 | References: 1 | Affected Software: 1

Patchstack
added 2018/12/07 12:0 a.m. | 15 views

WordPress Contact Form by WPForms plugin <= 1.4.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by RIPS Technologies in WordPress Contact Form by WPForms plugin versions <= 1.4.7. Solution: Update the WordPress Contact Form by WPForms plugin to the latest available version (at least 1.4.8)...

AI score 2.2
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2018/11/26 12:0 a.m. | 50 views

Debian DLA-1593-1 : phpbb3 security update

Simon Scannell and Robin Peraglie of RIPS Technologies discovered that passing an absolute path to a file_exists check in phpBB, a full featured web forum, allows remote code execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel...

CVSS 7.2 | AI score 7.8 | EPSS 0.13851
Exploits: 1 | References: 3

The Hacker News
added 2018/11/07 9:1 a.m. | 586 views

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce...

AI score 1
Exploits: 0

ripstech
added 2018/04/17 11:0 a.m. | 158 views

PHP Code Quality Testing with RIPS 2.9.0

Code Quality VS. Exploitable Vulnerabilities There are many different perceptions of a "vulnerability" in the various tools available. What we at RIPS Technologies rank as a minor code quality issue, often is reported as a high-severe vulnerability by other vendors. The reason for this are...

AI score 7.3
Exploits: 0

ThreatPost
added 2017/09/21 12:56 p.m. | 25 views

Joomla Patches Eight-Year-Old LDAP Injection Vulnerability

Joomla on Tuesday patched a critical vulnerability that had lingered in the content management system for eight years. It’s unknown whether the bug had been publicly exploited before it was privately reported in July, but an attacker could have leveraged the flaw to steal administrator login...

CVSS 5 | EPSS 0.02572
Exploits: 3 | References: 5