Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-0554 — Thingsforrestaurants Quick_restaurant_menu: The Quick Restaurant Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in
The Quick Restaurant Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on its AJAX actions. This makes it possible for unauthenticated attackers to update menu items, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.1 (HIGH) · EPSS 41th percentile
CVE-2023-0550 — Thingsforrestaurants Quick_restaurant_menu: The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference
The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the fact that during menu item deletion/modification, the plugin does not verify that the post ID provided to the AJAX action is indeed a menu item. This makes it possible for authenticated attackers, with subscriber-level access or higher, to modify or delete arbitrary posts. CVSSv3.1 8.1 (HIGH) · EPSS 59th percentile
CVE-2020-22452 — Phpmyadmin Phpmyadmin: SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 75th percentile
CVE-2021-37500 — Reprisesoftware Reprise_license_manager: Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the
Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server. CVSSv3.1 8.1 (HIGH) · EPSS 65th percentile
CVE-2023-0294 — Frenify Mediamatic: The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to Cross-Site Request
The Mediamatic – Media Library Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on its AJAX actions function. This makes it possible for unauthenticated attackers to change image categories used by the plugin, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 31th percentile
CVE-2022-4422 — Bulutses Bulutdesk_callcenter: Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated
Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0 CVSSv3.1 9.8 (CRITICAL) · EPSS 53th percentile
CVE-2022-3792 — Gullseye Gullseye_terminal_operating_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GullsEye GullsEye terminal operating system allows SQL Injection. This issue affects GullsEye terminal operating system: from unspecified before 5.0.13. CVSSv3.1 9.8 (CRITICAL) · EPSS 58th percentile
CVE-2023-0088 — Swifty_page_manager_project Swifty_page_manager: The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on several AJAX actions handling page creation and deletion among other things. This makes it possible for unauthenticated attackers to invoke those functions, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 45th percentile
CVE-2022-3805 — Jegtheme Jeg_elementor_kit: The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various
The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various functions used to update the plugin settings in versions up to, and including, 2.5.6. Unauthenticated users can use an easily available nonce, obtained from pages edited by the plugin, to update the MailChimp API key, global styles, 404 page settings, and enabled elements. CVSSv3.1 8.6 (HIGH) · EPSS 92th percentile
CVE-2022-40434 — Softr Softr: v2.0 was discovered to be vulnerable to HTML injection via the Name field
Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page. CVSSv3.1 9.8 (CRITICAL) · EPSS 67th percentile
CVE-2022-46393 — Arm Mbed_tls: There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. CVSSv3.1 9.8 (CRITICAL) · EPSS 76th percentile
CVE-2022-3427 — Dwbooster Corner_ad: The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions
The Corner Ad plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.56. This is due to missing or incorrect nonce validation on its corner_ad_settings_page function. This makes it possible for unauthenticated attackers to trigger the deletion of ads via forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 69th percentile
CVE-2022-2601 — Gnu Grub2: A buffer overflow was found in grub_font_construct_glyph().
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. CVSSv3.1 8.6 (HIGH) · EPSS 19th percentile
Volatility 3 2.4.0
Volatility 3 2.4.0 released with new plugins for Linux and Windows memory analysis (mountinfo, psaux, devicetree, joblinks, ldrmodules, mbrscan, mftscan, sessions), improved symbol handling, better QEMU support, and API enhancements for PDB symbol table integration.
CVE-2022-31358 — Proxmox Virtual_environment: A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/. CVSSv3.1 9.0 (CRITICAL) · EPSS 66th percentile
CVE-2022-32224 — Activerecord_project Activerecord: A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE. CVSSv3.1 9.8 (CRITICAL) · EPSS 83th percentile
CVE-2022-44945 — Rukovoditel Rukovoditel: v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter. CVSSv3.1 9.8 (CRITICAL) · EPSS 55th percentile
CVE-2022-44291 — Webtareas_project Webtareas: 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 88th percentile
CVE-2022-44290 — Webtareas_project Webtareas: 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter
webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 88th percentile
CVE-2022-2808 — Algan Prens_student_information_system: Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows
Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection. This issue affects Prens Student Information System: before 2.1.11. CVSSv3.1 8.8 (HIGH) · EPSS 52th percentile
CVE-2022-2807 — Algan Prens_student_information_system: SQL Injection vulnerability in Algan Software Prens Student Information System allows SQL Injection.
SQL Injection vulnerability in Algan Software Prens Student Information System allows SQL Injection. This issue affects Prens Student Information System: before 2.1.11. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile
CVE-2022-4030 — Simple-press Simple\: The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to
The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 6.8 via the 'file' parameter which can be manipulated during user avatar deletion. This makes it possible with attackers, with minimal permissions such as a subscriber, to supply paths to arbitrary files on the server that will subsequently be deleted. This can be used to delete the wp-config.php file that can allow an attacker to configure the site and achieve remote code CVSSv3.1 8.1 (HIGH) · EPSS 91th percentile
CVE-2022-3898 — Tipsandtricks-hq Wp_affiliate_platform: The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in
The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. This is due to missing or incorrect nonce validation on various functions including the affiliates_menu method. This makes it possible for unauthenticated attackers to delete affiliate records, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 38th percentile
CVE-2022-3747 — Muffingroup Becustom: The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up
The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. This is due to missing nonce validation when saving the plugin's settings. This makes it possible for unauthenticated attackers to update the plugin's settings like betheme_url_slug, replaced_theme_author, and betheme_label to name a few, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 77th percentile
CVE-2022-3384 — Ultimatemember Ultimate_member: The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the populate_dropdown_options function that accepts user supplied input and passes it through call_user_func(). This is restricted to non-parameter PHP functions like phpinfo(); since user supplied parameters are not passed through the function. This makes it possible for authenticated attackers, with administrative privileges, to execute code on the ser CVSSv3.1 7.2 (HIGH) · EPSS 97th percentile