10 matches found
CVE-2024-4544
The Pie Register - Social Sites Login Add on plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.7. This is due to insufficient verification on the user being supplied during a social login through the plugin. This makes it possible for unauthenticate...
CVE-2024-11293 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login <= 1.7.9 - Authentication Bypass via WordPress.com OAuth provider
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due to insufficient...
WordPress Pie Register (Add on) - Social Sites Login plugin <= 1.7.9 - Authentication Bypass vulnerability
WordPress Pie Register Add on - Social Sites Login plugin = 1.7.9 - Authentication Bypass vulnerability discovered by wesley wcraft in WordPress Plugin Pie Register Add on - Social Sites Login versions = 1.7.9...
WordPress Pie Register - Social Sites Login (Add on) plugin <= 1.7.7 - Authentication Bypass vulnerability
WordPress Pie Register - Social Sites Login Add on plugin = 1.7.7 - Authentication Bypass vulnerability discovered by István Márton in WordPress Plugin Pie Register Add on - Social Sites Login versions = 1.7.7...
CVE-2024-4544 Pie Register - Social Sites Login (Add on) <= 1.7.7 - Authentication Bypass
The Pie Register - Social Sites Login Add on plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.7. This is due to insufficient verification on the user being supplied during a social login through the plugin. This makes it possible for unauthenticate...
WordPress Pie Register (Add on) - Social Sites Login Plugin <= 1.7.7 is vulnerable to Broken Authentication
Software Pie Register Add on - Social Sites Login Type Plugin Vulnerable versions = 1.7.7 Fixed in 1.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-4544 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID...
Weblate: Open redirect in Signing in via Social Sites
Weak Authentication Leads to the Open redirection to Malicios Sites : Signing in via Facebook : + https://hosted.weblate.org/accounts/login/facebook/?next=///evil.com Signing in via Gmail : + https://hosted.weblate.org/accounts/login/google-oauth2/?next=///evil.com Signing in via Github: +...
Malware More Globally Distributed, Still Made in China
In an attempt to better evade detection, cybercriminals are increasingly configuring their command and control infrastructure in such a way that initial malware callbacks communicate with a server located in the same country as the newly infected machines. This emerging trend is among the vast an...
Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting
Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting Exploit Title: Social Sites MyBB Plugin 0.2.2 Cross Site Scripting Google Dork: inurl:usercp.php?action=socialsites Date: 13.12.2012 Exploit Author: s3m00t Vendor Homepage: http://mattrogowski.co.uk/mybb/ Software Link:...
Cybergangs use cheap labor to break codes on social sites
From USA Today Byron Acohido It’s become the new front in cybercrime: scams and identity-theft programs that attack e-mail accounts and users of social-networking sites such as Facebook and MySpace. To carry out many of these automated attacks, cybercriminals first must overcome “captchas,” the...