
670 matches found

AlpineLinux
added 2023/01/24 12:00 a.m. · 39 views

CVE-2023-24422

A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a2fb25 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the...

CVSS 8.8 · AI score 9.3 · EPSS 0.00585
Exploits: 0 · References: 1
Positive Technologies
added 2023/01/17 12:00 a.m. · 3 views

PT-2023-18675 · Shopware · Shopware

Name of the Vulnerable Software and Affected Versions: Shopware versions prior to 6.4.18.1 Description: The log module in Shopware writes out all kinds of sent mails, potentially allowing an attacker with access to local system logs or a centralized logging store to access other users' accounts...

CVSS 6.5 · AI score 6.4 · EPSS 0.00705
Exploits: 0 · References: 10
RedHat Linux
added 2023/01/12 4:49 p.m. · 4 views

plugin: CSRF vulnerability in Script Security Plugin

A cross-site request forgery (CSRF) vulnerability in Jenkins Script Security Plugin 1158.v7c1b73a69a08 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-specified web server...

CVSS 4.3 · AI score 5.7 · EPSS 0.00572
Exploits: 0 · References: 5
Tenable Nessus
added 2023/01/03 12:00 a.m. · 26 views

YITH WooCommerce Gift Cards Premium Plugin for WordPress < 3.20.0 Arbitrary File Upload

The WordPress YITH WooCommerce Gift Cards Premium Plugin installed on the remote host is affected by an arbitrary file upload vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

CVSS 9.8 · AI score 9.8 · EPSS 0.13514
Exploits: 2 · References: 2
CNNVD
added 2023/01/02 12:00 a.m. · 1 view

WordPress plugin WP Cerber Security, Anti-spam & Malware Scan security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

CVSS 5.3 · AI score 5.8 · EPSS 0.00671
Exploits: 2 · References: 2
Tenable Nessus
added 2022/12/27 12:00 a.m. · 15 views

All In One WP Security & Firewall Plugin for WordPress < 3.8.8 SQL Injection

The WordPress All In One WP Security & Firewall Plugin installed on the remote host is affected by a SQL injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

CVSS 6 · AI score 8 · EPSS 0.0155
Exploits: 0 · References: 2
WPVulnDB
added 2022/12/19 12:00 a.m. · 17 views

Jetpack CRM < 5.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform stored cross-site scripting attacks that could be used against high-privilege users such as admins. PoC: As a...

CVSS 5.4 · AI score 1.9 · EPSS 0.00534
Exploits: 2 · Affected software: 1
WPVulnDB
added 2022/12/12 12:00 a.m. · 15 views

WP Cerber < 9.3.3 - User Enumeration Bypass via Rest API

The plugin does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users. PoC: When the "Block access to users' data via REST API" setting is enabled...

CVSS 5.3 · AI score 2.9 · EPSS 0.00671
Exploits: 2 · Affected software: 1
Patchstack
added 2022/11/23 12:00 a.m. · 33 views

WordPress Defender Security plugin <= 3.3.2 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Calvin Alkan in the WordPress Defender Security plugin versions <= 3.3.2. Solution: Update the WordPress Defender Security plugin to the latest available version (at least 3.3.3)...

AI score 2.4 · EPSS 0.00679
Exploits: 0 · Affected software: 1
OpenVAS
added 2022/11/23 12:00 a.m. · 12 views

WordPress All In One WP Security & Firewall Plugin < 5.1.1 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tipsandtricks-hq:allinonewpsecurity%26firewall"; ifdescripti...

CVSS 8.8 · AI score 7.1 · EPSS 0.00283
Exploits: 0 · References: 1
Cvelist
added 2022/11/22 4:00 p.m. · 21 views

CVE-2022-44737 WordPress All In One WP Security plugin <= 5.1.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall WordPress plugin <= 5.1.0 on WordPress...

CVSS 6.5 · AI score 9.2 · EPSS 0.00283
Exploits: 0 · References: 1
WPVulnDB
added 2022/11/21 12:00 a.m. · 16 views

All In One WP Security & Firewall < 5.0.8 - IP Spoofing

The plugin is susceptible to IP spoofing attacks, which can lead to bypassed security features such as IP blocks, rate limiting, brute-force protection, and more. PoC: Set HTTP_X_REAL_IP or HTTP_X_FORWARDED_FOR, used in get_user_ip_address, to bypass IP-based blocks...

CVSS 5.3 · AI score 1.1 · EPSS 0.00576
Exploits: 2 · Affected software: 1
WPVulnDB
added 2022/11/21 12:00 a.m. · 17 views

Booster for WooCommerce - Custom Role Creation/Deletion via CSRF

The plugin does not properly check for CSRF when creating and deleting custom roles, allowing attackers to make logged-in admins create and delete arbitrary custom roles via CSRF attacks. PoC: To delete the custom role dj (it's possible to delete roles created by other plugins), make a logged-in admi...

CVSS 6.5 · AI score 1.4 · EPSS 0.00338
Exploits: 2 · Affected software: 3
Tenable Nessus
added 2022/11/16 12:00 a.m. · 48 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-11-15)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.6 or 2.x prior to 2.361.3.4. It is, therefore, affected by multiple vulnerabilities including the following: - CVE-2022-38751 on snakeyaml fixed train 2.346.x.0.z BEE-237...

CVSS 9.8 · AI score 8 · EPSS 0.34819
Exploits: 3 · References: 26
OSV
added 2022/11/15 8:15 p.m. · 37 views

CVE-2022-45379

Jenkins Script Security Plugin 1189.vbab7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks...

CVSS 7.5 · AI score 7.4
Exploits: 0 · References: 2
CVE
added 2022/11/15 12:00 a.m. · 331 views

CVE-2022-45379

CVE-2022-45379 affects Jenkins Script Security Plugin: versions 1189.vb_a_b_7c8fd5fde and earlier store whole-script approvals as the SHA-1 hash of the script, making them susceptible to SHA-1 collision attacks. Affected product: Jenkins Script Security Plugin (1189.vb_a_b_7c8fd5fde and earlier)....

CVSS 7.5 · AI score 7.3 · EPSS 0.00468
Exploits: 0 · References: 2 · Affected software: 1
AlpineLinux
added 2022/11/15 12:00 a.m. · 68 views

CVE-2022-45379

Jenkins Script Security Plugin 1189.vbab7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks...

CVSS 7.5 · AI score 1.1 · EPSS 0.00468
Exploits: 0 · References: 2
The Hacker News
added 2022/10/26 3:50 p.m. · 66 views

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the malware families FastFire,...

AI score 1.5
Exploits: 0
OSV
added 2022/10/19 7:00 p.m. · 40 views

GHSA-7VR5-72W7-Q6JC Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin

Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be...

CVSS 8.8 · AI score 9.9 · EPSS 0.01211
Exploits: 0 · References: 3
OSV
added 2022/10/19 7:00 p.m. · 27 views

GHSA-F6MQ-6FX5-W2CH Jenkins Script Security Plugin sandbox bypass vulnerability

A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b0b0aa451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary...

CVSS 9.9 · AI score 9.6 · EPSS 0.01428
Exploits: 0 · References: 4