Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-46236: SSRF via unauthenticated endpoint(s).

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, a server-side-request-forgery (SSRF) vulnerability allowed an unauthenticated user to trigger a GET request as the server to an arbitrary endpoint and URL scheme. This also allows remote access to files visible to the Apache user group. Other impacts vary based on server configuration. Version 1.5.10 contains a patch.

CVE
Open in Source
#vulnerability#web#apache#php#ssrf#auth
CVE-2023-31212: WordPress Contact Form Entries plugin <= 1.3.0 - Auth. SQL Injection (SQLi) vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0.

CVE-2023-24000: WordPress GamiPress plugin <= 2.5.7 - Unauthenticated SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GamiPress gamipress allows SQL Injection.This issue affects GamiPress: from n/a through 2.5.7.

CVE-2023-4836: CVE-2023-4836 - User Private Files - IDOR to Sensitive data and private files exposure / leak of info - POC - Use only certified WordPress plugins for your website

The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced

CVE-2023-5237: CVE-2023-5237 - Memberlite Shortcodes - Stored XSS via shortcode - Use only certified WordPress plugins for your website

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin.

CVE-2023-28777: WordPress LearnDash LMS plugin <= 4.5.3 - Auth. SQL Injection (SQLi) vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LearnDash LearnDash LMS allows SQL Injection.This issue affects LearnDash LMS: from n/a through 4.5.3.

CVE-2023-46978: vuln-reports/TOTOLINK X6000R/1/README.md at master · shinypolaris/vuln-reports

TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can reset login password & WIFI passwords without authentication.

CVE-2023-46977: vuln-reports/TOTOLINK LR1200GB/1/README.md at master · shinypolaris/vuln-reports

TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth.

CVE-2023-4823

The WP Meta and Date Remover WordPress plugin before 2.2.0 provides an AJAX endpoint for configuring the plugin settings. This endpoint has no capability checks and does not sanitize the user input, which is then later output unescaped. Allowing any authenticated users, such as subscriber change them and perform Stored Cross-Site Scripting.

CVE-2023-5458

The CITS Support svg, webp Media and TTF,OTF File Upload WordPress plugin before 3.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.