Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-5815 — Infornweb News_\&_blog_designer_pack: The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid
The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry) plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdp_get_more_post function hooked via a nopriv AJAX. This is due to function utilizing an unsafe extract() method to extract values from the POST variable and passing that input to the include() CVSSv3.1 8.1 (HIGH) · EPSS 98th percentile
CVE-2023-5466 — Gopiplus Wp_anything_slider: The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the
The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the d CVSSv3.1 8.8 (HIGH) · EPSS 63th percentile
CVE-2023-5465 — Gopiplus Popup_with_fancybox: The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the
The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the CVSSv3.1 8.8 (HIGH) · EPSS 57th percentile
CVE-2023-2497 — Userproplugin Userpro: The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is due to missing or incorrect nonce validation on the 'import_settings' function. This makes it possible for unauthenticated attackers to exploit PHP Object Injection due to the use of unserialize() on the user supplied parameter via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 40th percentile
CVE-2023-2449 — Userproplugin Userpro: The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up
The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (userpro_process_form). The function uses the plaintext value of a password reset key instead of a hashed value which means it can easily be retrieved and subsequently used. An attacker can leverage CVE-2023-2448 and CVE-2023-2446, CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2023-2440 — Userproplugin Userpro: The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.1. This is due to missing nonce validation in the 'admin_page', 'userpro_verify_user' and 'verifyUnverifyAllUsers' functions. This makes it possible for unauthenticated attackers to modify the role of verified users to elevate verified user privileges to that of any user such as 'administrator' via a forged request granted they can trick a site administrator into CVSSv3.1 8.8 (HIGH) · EPSS 31th percentile
CVE-2023-2437 — Userproplugin Userpro: The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to
The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to succes CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2023-2889 — Veom Service_tracking: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veon Computer Service Tracking Software allows SQL Injection.This issue affects Service Tracking Software: before crm 2.0. CVSSv3.1 9.8 (CRITICAL)
CVE-2023-5047 — Drd Drdrive: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DRD Fleet Leasing DRDrive allows SQL Injection. This issue affects DRDrive: before 20231006. CVSSv3.1 9.8 (CRITICAL) · EPSS 33th percentile
CVE-2023-6196 — Myaudiomerchant Audio_merchant: The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audio_merchant_add_audio_file function. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 31th percentile
v1.1.0
NetExec v1.1.0 release includes new capabilities for S4U abuse automation, enhanced SSH/WinRM/FTP protocol support, schtask module for user impersonation, and significant code cleanup via linting. The release adds post-exploitation functionality improvements and fixes multiple bugs across protocol handlers and credential management.
CVE-2023-6187 — Strangerstudios Paid_memberships_pro: The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due
The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'pmpro_paypalexpress_session_vars_for_user_fields' function in versions up to, and including, 2.12.3. This makes it possible for authenticated attackers with subscriber privileges or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This can be exploited if 2Checkout (deprecated since CVSSv3.1 7.5 (HIGH) · EPSS 96th percentile
CVE-2023-4214 — Apppresser Apppresser: The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up
The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit. CVSSv3.1 8.1 (HIGH) · EPSS 59th percentile
CVE-2023-36424 — Microsoft Windows_10_1507: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability CVSSv3.1 7.8 (HIGH) · EPSS 92th percentile
CVE-2023-44373 — Siemens 6gk5205-3bb00-2ab2_firmware: This could allow an authenticated remote attacker with administrative privileges to inject code or
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323. CVSSv3.1 9.1 (CRITICAL) · EPSS 68th percentile
CVE-2023-46850 — Openvpn Openvpn: Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer. CVSSv3.1 9.8 (CRITICAL) · EPSS 78th percentile
CVE-2023-47359 — Videolan Vlc_media_player: VLC prior to version 3.0.20 contains an incorrect offset read that leads to
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. CVSSv3.1 9.8 (CRITICAL) · EPSS 37th percentile
CVE-2023-41425 — Wondercms Wondercms: Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. CVSSv3.1 6.1 (MEDIUM) · EPSS 99th percentile
CVE-2023-5709 — Web-dorado Wd_widgettwitter: The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's
The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the CVSSv3.1 8.8 (HIGH) · EPSS 45th percentile
CVE-2023-46084 — Bplugins Icons_font_loader: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bPlugins LLC Icons Font Loader allows SQL Injection.This issue affects Icons Font Loader: from n/a through 1.1.2. CVSSv3.1 8.5 (HIGH) · EPSS 43th percentile
CVE-2023-45657 — Posimyth Nexter: A vulnerability in posimyththemes Nexter nexter.This issue affects Nexter: from n/a through <= 2.0.3.
A vulnerability in posimyththemes Nexter nexter.This issue affects Nexter: from n/a through <= 2.0.3. CVSSv3.1 8.5 (HIGH) · EPSS 94th percentile
CVE-2023-45074 — Pagevisitcounter Advanced_page_visit_counter: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress allows SQL Injection.This issue affects Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress: from n/a through 7.1.1. CVSSv3.1 8.5 (HIGH)
CVE-2023-45055 — Inspireui Mstore_api: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6. CVSSv3.1 8.5 (HIGH) · EPSS 43th percentile
CVE-2023-45001 — Castos Seriously_simple_stats: A vulnerability in Craig Hewitt Seriously Simple Stats seriously-simple-stats.This issue affects Seriously Simple Stats
A vulnerability in Craig Hewitt Seriously Simple Stats seriously-simple-stats.This issue affects Seriously Simple Stats: from n/a through <= 1.5.0. CVSSv3.1 8.5 (HIGH) · EPSS 43th percentile
CVE-2023-40609 — Rocklobster Contact_form_7_custom_validation: A vulnerability in aiyaz Khorajia Contact form 7 Custom validation cf7-field-validation.This issue affects Contact
A vulnerability in aiyaz Khorajia Contact form 7 Custom validation cf7-field-validation.This issue affects Contact form 7 Custom validation: from n/a through <= 1.1.3. CVSSv3.1 8.2 (HIGH) · EPSS 43th percentile