311 matches found
WordPress Plugin Social Warfare Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CISO: Top 10 Trends for 2024
I recently hosted and moderated a distinguished panel of Chief Information Security Officers CISOs - Nitin Raina, CISO at ThoughtWorks, Mike Wilkes, former CISO at Marvel and Yogesh Badwe, CSO at Druva. We discussed major trends for 2024 across an array of topics including the evolving threat...
Project PowerUp – Helping to keep the lights on in Ukraine in the face of electronic warfare
As Russias invasion of Ukraine entered its first winter in late 2022, nearly half of Ukraines energy infrastructure had been destroyed, leaving millions without power. The resulting energy deficit has exacerbated something that hasnt had much media attention: The effects of electronic GPS jammers...
Anduril’s New Drone Killer Is Locked on to AI-Powered Warfare
Autonomous drones are rapidly changing combat. Anduril’s new one aims to gain an edge with jet power and AI...
warfarehistorynetwork.com Open Redirect vulnerability OBB-3790273
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Internet Blackouts in Gaza Are a New Weapon in the Israel-Hamas War
Israel has said it’s prepared to disrupt internet service in Gaza, signaling a new age of warfare. In the past two weeks, the Palestinian territory has already suffered three communications shutdowns...
CVE-2023-4842
The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-4842
The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Cross site scripting
The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-4842 Social Sharing Plugin - Social Warfare <= 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-4842
CVE-2023-4842 refers to a stored XSS in the WordPress plugin Social Warfare (Social Sharing Plugin). The issue stems from insufficient input sanitization and output escaping in the social_warfare shortcode attributes, allowing authenticated attackers with contributor+ permissions to inject arbitr...
PT-2023-30839 · WordPress · Social Warfare
Name of the Vulnerable Software and Affected Versions: The Social Sharing Plugin - Social Warfare plugin for WordPress versions up to, and including, 4.4.3 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'social warfare'...
WordPress Plugin Social Sharing Plugin - Social Warfare Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
WordPress Social Warfare Plugin <= 4.4.3 is vulnerable to Cross Site Scripting (XSS)
Software Social Warfare Type Plugin Vulnerable versions = 4.4.3 Fixed in 4.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4842 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c0bd3193c179 Credits Lana Codes Required...
The Future of Drone Warfare
Ukraine is using $400 drones to destroy tanks: Facing an enemy with superior numbers of troops and armor, the Ukrainian defenders are holding on with the help of tiny drones flown by operators like Firsov that, for a few hundred dollars, can deliver an explosive charge capable of destroying a...
Trellix 2024 Threat Predictions
Trellix 2024 Threat Predictions By Trellix · October 30, 2023 Introduction This last year we have seen upheaval across the cybersecurity landscape. The need for effective, worldwide threat intelligence continues to grow as geopolitical and economic developments create an increasingly complicated...
DDoS Attacks Leveraged by Attackers in Israel Conflict
Over the last few years, we’ve observed Distributed Denial of Service DDoS attacks used in many conflicts. In the Russia-Ukraine war, DDoS was used both by government cyber agencies and individual hacktivist groups to disrupt the flow of information and deface sites to promote propaganda. The...
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
The U.S. Federal Bureau of Investigation FBI on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as...
Rapid7’s Mid-Year Threat Review
It will come as little surprise to most people that cyber threats in 2023 have been rather prolific. From widely exploited vulnerabilities to high-profile ransomware and extortion campaigns, the first half of the year has seen more than its fair share of large-scale incidents. Rapid7’s 2023...
‘Call of Duty: Modern Warfare 2’ Players Hit With Worm Malware
Plus: Russia tightens social media censorship, new cyberattack reporting rules for US companies, and Google Street View returns to Germany...