Lucene search
+L

311 matches found

CNNVD
CNNVD
added 2024/01/17 12:0 a.m.9 views

WordPress Plugin Social Warfare Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

10CVSS8AI score0.01923EPSS
Exploits1References4
Wallarm Lab
Wallarm Lab
added 2023/12/27 2:58 p.m.18 views

CISO: Top 10 Trends for 2024

I recently hosted and moderated a distinguished panel of Chief Information Security Officers CISOs - Nitin Raina, CISO at ThoughtWorks, Mike Wilkes, former CISO at Marvel and Yogesh Badwe, CSO at Druva. We discussed major trends for 2024 across an array of topics including the evolving threat...

7.8AI score
Exploits0
Talos Blog
Talos Blog
added 2023/12/04 1:1 p.m.21 views

Project PowerUp – Helping to keep the lights on in Ukraine in the face of electronic warfare

As Russias invasion of Ukraine entered its first winter in late 2022, nearly half of Ukraines energy infrastructure had been destroyed, leaving millions without power. The resulting energy deficit has exacerbated something that hasnt had much media attention: The effects of electronic GPS jammers...

6.9AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2023/12/01 5:1 a.m.8 views

Anduril’s New Drone Killer Is Locked on to AI-Powered Warfare

Autonomous drones are rapidly changing combat. Anduril’s new one aims to gain an edge with jet power and AI...

7.5AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/22 1:58 a.m.3 views

warfarehistorynetwork.com Open Redirect vulnerability OBB-3790273

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2023/11/07 6:41 p.m.16 views

Internet Blackouts in Gaza Are a New Weapon in the Israel-Hamas War

Israel has said it’s prepared to disrupt internet service in Gaza, signaling a new age of warfare. In the past two weeks, the Palestinian territory has already suffered three communications shutdowns...

7.2AI score
Exploits0
OSV
OSV
added 2023/11/07 12:15 p.m.10 views

CVE-2023-4842

The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.4CVSS6AI score0.00566EPSS
Exploits1References4
NVD
NVD
added 2023/11/07 12:15 p.m.28 views

CVE-2023-4842

The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00566EPSS
Exploits1References4
Prion
Prion
added 2023/11/07 12:15 p.m.22 views

Cross site scripting

The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

4.9CVSS5.9AI score0.00566EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/11/07 11:31 a.m.35 views

CVE-2023-4842 Social Sharing Plugin - Social Warfare <= 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'socialwarfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00566EPSS
Exploits1References4
CVE
CVE
added 2023/11/07 11:31 a.m.86 views

CVE-2023-4842

CVE-2023-4842 refers to a stored XSS in the WordPress plugin Social Warfare (Social Sharing Plugin). The issue stems from insufficient input sanitization and output escaping in the social_warfare shortcode attributes, allowing authenticated attackers with contributor+ permissions to inject arbitr...

6.4CVSS5.3AI score0.00566EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/07 12:0 a.m.14 views

PT-2023-30839 · WordPress · Social Warfare

Name of the Vulnerable Software and Affected Versions: The Social Sharing Plugin - Social Warfare plugin for WordPress versions up to, and including, 4.4.3 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'social warfare'...

6.4CVSS6.2AI score0.00566EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.6 views

WordPress Plugin Social Sharing Plugin - Social Warfare Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.4CVSS6.6AI score0.00566EPSS
Exploits1References6
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.15 views

WordPress Social Warfare Plugin <= 4.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Social Warfare Type Plugin Vulnerable versions = 4.4.3 Fixed in 4.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4842 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c0bd3193c179 Credits Lana Codes Required...

6.4CVSS6AI score0.00566EPSS
Exploits1References3Affected Software1
Schneier on Security
Schneier on Security
added 2023/10/31 11:3 a.m.17 views

The Future of Drone Warfare

Ukraine is using $400 drones to destroy tanks: Facing an enemy with superior numbers of troops and armor, the Ukrainian defenders are holding on with the help of tiny drones flown by operators like Firsov that, for a few hundred dollars, can deliver an explosive charge capable of destroying a...

7.2AI score
Exploits0
Trellix
Trellix
added 2023/10/30 12:0 a.m.19 views

Trellix 2024 Threat Predictions

Trellix 2024 Threat Predictions By Trellix · October 30, 2023 Introduction This last year we have seen upheaval across the cybersecurity landscape. The need for effective, worldwide threat intelligence continues to grow as geopolitical and economic developments create an increasingly complicated...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/10/12 6:44 p.m.25 views

DDoS Attacks Leveraged by Attackers in Israel Conflict

Over the last few years, we’ve observed Distributed Denial of Service DDoS attacks used in many conflicts. In the Russia-Ukraine war, DDoS was used both by government cyber agencies and individual hacktivist groups to disrupt the flow of information and deface sites to promote propaganda. The...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/23 12:43 p.m.38 views

North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns

The U.S. Federal Bureau of Investigation FBI on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/08/17 1:0 p.m.23 views

Rapid7’s Mid-Year Threat Review

It will come as little surprise to most people that cyber threats in 2023 have been rather prolific. From widely exploited vulnerabilities to high-profile ransomware and extortion campaigns, the first half of the year has seen more than its fair share of large-scale incidents. Rapid7’s 2023...

7.1AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2023/07/29 1:0 p.m.12 views

‘Call of Duty: Modern Warfare 2’ Players Hit With Worm Malware

Plus: Russia tightens social media censorship, new cyberattack reporting rules for US companies, and Google Street View returns to Germany...

7AI score
Exploits0
Rows per page
Query Builder