Tag: #csrf

CVE-2023-37990: WordPress Perelink Pro plugin <= 2.1.4 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions.

CVE-2023-37991: WordPress WP Emoji One plugin <= 0.6.0 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emoji One plugin <= 0.6.0 versions.

CVE-2023-37891: WordPress Exit Popups & Onsite Retargeting by OptiMonk plugin <= 2.0.4 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions.

CVE-2023-37996: WordPress GTmetrix for WordPress plugin <= 0.4.7 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions.

CVE-2023-37992: WordPress Smarty for WordPress plugin <= 3.1.35 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.

GHSA-56fm-hfp3-x3w3: Wallabag user can disable 2FA unintentionally

## Impact

wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily disable 2FA through `/config/otp/app/disable` and `/config/otp/email/disable`. This vulnerability has a CVSSv3.1 score of 4.3. **You should upgrade your instance to version 2.6.7 or higher.**

## Resolution

These endpoints now require the POST method.

## Credits

We would like to thank @dhina016 for reporting this issue through huntr.dev.

Reference: https://huntr.dev/bounties/4c446fe7-2a44-4907-b0cf-4ab77d75c487/

Juniper SRX Firewall / EX Switch Remote Code Execution

This Metasploit module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD, and every FreeBSD process can access its stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The first is auto_prepend_file, which causes the provided file to be added using the require function. The second feature is allow_url_include, which allows the use of URL-aware fopen wrappers. By enabling allow_url_include, the exploit can use any protocol wrapper with auto_prepend_file. The module then uses data:// to provide a file inline which includes the base64 encoded PHP payload. By default this exploit returns a session confined to a FreeBSD jail with limited functionality. There is a datastore option, JAIL_BREAK, which when set to true will steal the necessary tokens from a user authenticated to the J-Web application in order to overwrite the root password hash. If ther...

Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a