Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-3343 — Wpeverest User_registration: The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions
The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1 via deserialization of untrusted input from the 'profile-pic-url' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to del CVSSv3.1 8.8 (HIGH) · EPSS 71th percentile
CVE-2023-3342 — Wpeverest User_registration: The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to
The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hardcoded encryption key and missing file type validation on the 'ur_upload_profile_pic' function in versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with subscriber-level capabilities or above to upload arbitrary files on the affected site's server which may make remote code execution possible. This was partially patched in version 3.0.2 and ful CVSSv3.1 9.9 (CRITICAL) · EPSS 91th percentile
CVE-2023-33668 — Digiexam Digiexam: up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access
DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. CVSSv3.1 9.8 (CRITICAL) · EPSS 34th percentile
CVE-2023-3105 — Learndash Learndash: The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in
The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for attackers with with existing account access at any level, to change user passwords and potentially take over administrator accounts. CVSSv3.1 8.8 (HIGH) · EPSS 18th percentile
CVE-2023-33150 — Microsoft 365_apps: Office Security Feature Bypass Vulnerability
Microsoft Office Security Feature Bypass Vulnerability CVSSv3.1 9.6 (CRITICAL) · EPSS 42th percentile
CVE-2023-3271 — Sick Icr890-4_firmware: Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints. CVSSv3.1 8.2 (HIGH) · EPSS 44th percentile
CVE-2023-3045 — Tise Parking_web_report: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tise Technology Parking Web Report allows SQL Injection.This issue affects Parking Web Report: before 2.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-2852 — Softmedyazilim Selfpatron: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Softmed SelfPatron allows SQL Injection.This issue affects SelfPatron : before 2.0. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-2046 — Yontemizleme Vehicle_tracking_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yontem Informatics Vehicle Tracking System allows SQL Injection.This issue affects Vehicle Tracking System: before 8. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2022-42175 — Soluslabs Solusvm: Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker
Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker to change the password and hostname of other customer servers without authorization. CVSSv3.1 8.8 (HIGH) · EPSS 45th percentile
CVE-2021-4401 — Analogwp Style_kits: The Style Kits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions
The Style Kits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.0. This is due to missing or incorrect nonce validation on the update_posts_stylekit() function. This makes it possible for unauthenticated attackers to update style kits for posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 51th percentile
CVE-2023-36144 — Intelbras Sg_2404_mr_firmware: An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an
An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. CVSSv3.1 7.5 (HIGH) · EPSS 98th percentile
CVE-2023-35178 — Hp W1a75a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow when performing a GET request to scan jobs. CVSSv3.1 8.8 (HIGH) · EPSS 31th percentile
CVE-2023-35177 — Hp W1a75a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser. CVSSv3.1 8.8 (HIGH) · EPSS 29th percentile
CVE-2023-35176 — Hp W1a75a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial
Certain HP LaserJet Pro print products are potentially vulnerable to Buffer Overflow and/or Denial of Service when using the backup & restore feature through the embedded web service on the device. CVSSv3.1 8.8 (HIGH) · EPSS 36th percentile
CVE-2023-35175 — Hp W1a75a_firmware: Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code Execution and/or Elevation of Privilege via Server-Side Request Forgery (SSRF) using the Web Service Eventing model. CVSSv3.1 9.8 (CRITICAL) · EPSS 76th percentile
CVE-2023-3249 — Miniorange Web3_-_crypto_wallet_login_\&_nft_token_gating: The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hidden_form_data' function. This makes it possible for authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. CVSSv3.1 9.8 (CRITICAL) · EPSS 37th percentile
CVE-2023-3063 — Smartypantsplugins Sp_project_\&_document_manager: The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct
The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber privileges or above, to change user passwords and potentially take over administrator accounts. CVSSv3.1 8.8 (HIGH) · EPSS 19th percentile
CVE-2023-2834 — Stylemixthemes Bookit: The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.3.7. This is due to insufficient verification on the user being supplied during booking an appointment through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. CVSSv3.1 9.8 (CRITICAL) · EPSS 64th percentile
CVE-2023-36143 — Maxprintisp Maxlink_1200g_firmware: Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool"
Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device. CVSSv3.1 8.8 (HIGH) · EPSS 82th percentile
CVE-2023-2982 — Miniorange Wordpress_social_login_and_register_\(discord\,_google\,_twitter: The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was p CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2023-3388 — Beautiful-cookie-banner Beautiful_cookie_consent_banner: The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via
The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was made available in 2.10.1 and the issue was fully patched in 2.10.2. CVSSv3.1 7.2 (HIGH) · EPSS 99th percentile
CVE-2023-3197 — Inspireui Mstore_api: The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. CVSSv3.1 9.8 (CRITICAL) · EPSS 97th percentile
CVE-2023-34672 — Elenos Etg150_firmware: Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter
Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases. CVSSv3.1 8.8 (HIGH) · EPSS 51th percentile
CVE-2023-34671 — Elenos Etg150_fm_firmware: Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on
Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases. CVSSv3.1 8.8 (HIGH) · EPSS 55th percentile