Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-36177 — Badaix Snapcast: An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute
An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API. CVSSv3.1 9.8 (CRITICAL) · EPSS 98th percentile
CVE-2023-51925 — Yonyou Yonbip: An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-51924 — Yonyou Yonbip: An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers
An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-51906 — Yonyou Yonbip: An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code
An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code via a crafted script to the ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager component. CVSSv3.1 9.8 (CRITICAL) · EPSS 65th percentile
CVE-2023-51928 — Yonyou Yonbip: An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers
An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-51927 — Yonyou Yonbip: v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.attend.web.AttendScriptController.runScript() method.
YonBIP v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.attend.web.AttendScriptController.runScript() method. CVSSv3.1 9.8 (CRITICAL) · EPSS 46th percentile
CVE-2023-51892 — Weaver E-cology: An issue in weaver e-cology v.10.0.2310.01 allows a remote attacker to execute arbitrary code
An issue in weaver e-cology v.10.0.2310.01 allows a remote attacker to execute arbitrary code via a crafted script to the FrameworkShellController component. CVSSv3.1 9.8 (CRITICAL) · EPSS 65th percentile
CVE-2023-51947 — Actidata Actinas_sl_2u-8_rdx_firmware: Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote
Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication. CVSSv3.1 9.1 (CRITICAL) · EPSS 54th percentile
CVE-2024-0705 — Webtoffee Stripe_payment_plugin_for_woocommerce: The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. CVSSv3.1 9.8 (CRITICAL) · EPSS 95th percentile
CVE-2023-5806 — Mergentech Quality_management_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection. This issue affects Quality Management System: before v1.2. CVSSv3.1 9.8 (CRITICAL) · EPSS 20th percentile
High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE
Assetnote published technical research on authentication bypass and remote code execution vulnerabilities in Ivanti Pulse Connect Secure, demonstrating detection and exploitation methods. The research covers both the vulnerability mechanics and practical detection signatures for identifying exploitation attempts in the wild.
CVE-2021-4434 — Warfareplugins Social_warfare: The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions
The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows attackers to execute code on the server. CVSSv3.1 10.0 (CRITICAL) · EPSS 92th percentile
CVE-2023-46474 — Sigb Pmb: File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and
File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file. CVSSv3.1 7.2 (HIGH) · EPSS 98th percentile
CVE-2023-6979 — Cusrev Customer_reviews_for_woocommerce: The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ivole_import_upload_csv AJAX action in all versions up to, and including, 5.38.9. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH) · EPSS 88th percentile
CVE-2023-6878 — Leechesnutt Slick_social_share_buttons: The Slick Social Share Buttons plugin for WordPress is vulnerable to unauthorized modification of
The Slick Social Share Buttons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dcssb_ajax_update' function in versions up to, and including, 2.4.11. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update the site options arbitrarily. CVSSv3.1 8.8 (HIGH) · EPSS 44th percentile
CVE-2023-6875 — Wpexperts Post_smtp: The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover. CVE CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile
CVE-2023-6634 — Thimpress Learnpress: The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up
The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution. CVSSv3.1 8.1 (HIGH) · EPSS 100th percentile
CVE-2023-6567 — Thimpress Learnpress: The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’
The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’ parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2023-6316 — Mw_wp_form_project Mw_wp_form: The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due
The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the '_single_file_upload' function in versions up to, and including, 5.0.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL) · EPSS 92th percentile
CVE-2023-6266 — Backupbliss Backup_migration: The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due
The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download back-up files which can contain sensitive information such as user passwords, PII, database credentials, and much more. CVSSv3.1 7.5 (HIGH) · EPSS 96th percentile
CVE-2023-6220 — Piotnet Piotnet_forms: The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to
The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'piotnetforms_ajax_form_builder' function in versions up to, and including, 1.0.28. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.1 (HIGH) · EPSS 91th percentile
CVE-2023-5504 — Inpsyde Backwpup: The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default settings will place an index.php and a .htaccess file into the chosen directory (unless already present) when the first backup job is run that are intended to prevent directory listing an CVSSv3.1 8.7 (HIGH) · EPSS 71th percentile
CVE-2023-6699 — Wpcompress Wp_compress: The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory
The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.10.33 via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. CVSSv3.1 9.1 (CRITICAL) · EPSS 89th percentile
CVE-2023-5448 — Aviplugins Wp_register_profile_with_shortcode: The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Cross-Site Request
The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.9. This is due to missing or incorrect nonce validation on the update_password_validate function. This makes it possible for unauthenticated attackers to reset a user's password via a forged request granted they can trick the user into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 45th percentile
CVE-2023-26999 — Netscout Ngeniusone: An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary
An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file. CVSSv3.1 9.8 (CRITICAL) · EPSS 69th percentile