Published: 2024-10-06
Title: WordPress YITH WooCommerce Ajax Search plugin <= 2.8.0 – SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in YITH WooCommerce Ajax Search (vendor: YITH) allows SQL Injection. This issue affects YITH WooCommerce Ajax Search: from n/a through 2.8.0.
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
CVSS Score: 9.3 CRITICAL (CVSS 3.1), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Vendor: n/a
Product: YITH WooCommerce Ajax Search
Vulnerable Versions: n/a through 2.8.0
Proof of Concept:
Vulnerability found by: DFEND Security Researcher
References:
– https://patchstack.com/database/vulnerability/yith-woocommerce-ajax-search/wordpress-yith-woocommerce-ajax-search-plugin-2-8-0-sql-injection-vulnerability?_s_id=cve
Published: 2024-10-11
Title: WordPress Backup and Staging by WP Time Capsule plugin
Published: 2024-10-05
Title: WordPress Slideshow Gallery LITE plugin <= 1.8.3 – Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Slideshow Gallery (vendor: Tribulant) allows Stored XSS. This issue affects Slideshow Gallery: from n/a through 1.8.3.
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’)
CVSS Score: 5.9 MEDIUM (CVSS 3.1), vector CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Vendor: n/a
Product: Slideshow Gallery
Vulnerable Versions: n/a through 1.8.3
Proof of Concept:
Vulnerability found by: DFEND Security Researcher
References:
– https://patchstack.com/database/vulnerability/slideshow-gallery/wordpress-slideshow-gallery-lite-plugin-1-8-3-cross-site-scripting-xss-vulnerability?_s_id=cve
Published: 2024-10-11
Title: WordPress Multi Step for Contact Form plugin <= 2.7.7 – Unauthenticated SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Multi Step for Contact Form (vendor: NinjaTeam) allows SQL Injection. This issue affects Multi Step for Contact Form: from n/a through 2.7.7.
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
CVSS Score: 9.3 CRITICAL (CVSS 3.1), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Vendor: n/a
Product: Multi Step for Contact Form
Vulnerable Versions: n/a through 2.7.7
Proof of Concept:
Vulnerability found by: DFEND Security Researcher
References:
– https://patchstack.com/database/vulnerability/cf7-multi-step/wordpress-multi-step-for-contact-form-plugin-2-7-7-unauthenticated-sql-injection-vulnerability?_s_id=cve
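The two SQL injection entries above (YITH WooCommerce Ajax Search and Multi Step for Contact Form) share the same defect class: CWE-89 in a request handler that WordPress exposes without authentication (PR:N in both vectors). The PHP below is an added illustration written for this page, not code from either plugin. It shows a hypothetical WordPress AJAX search handler in its vulnerable form and in a hardened form built on $wpdb->prepare(); the hook name, function names and the "product" post type are assumptions.

```php
<?php
// Added example, not from any YITH or NinjaTeam plugin. Assumes the WordPress
// runtime ($wpdb, add_action, wp_send_json_*); load it as a small plugin or
// mu-plugin. Names are hypothetical.

// Vulnerable: untrusted input is concatenated into the statement (CWE-89).
// A term such as   ' OR 1=1 --   rewrites the WHERE clause, and UNION-based
// variants read arbitrary tables. Nothing here requires a logged-in user.
function example_search_vulnerable( string $term ): array {
    global $wpdb;
    $sql = "SELECT ID, post_title FROM {$wpdb->posts}
            WHERE post_type = 'product' AND post_title LIKE '%{$term}%'";
    return $wpdb->get_results( $sql, ARRAY_A ) ?: array();
}

// Hardened: $wpdb->prepare() binds every value as a typed placeholder, so the
// input can never change the shape of the query. $wpdb->esc_like() escapes
// the LIKE wildcards (% and _) so they match literally; the wrapping % are
// added by the code, not the user.
function example_search_hardened( string $term ): array {
    global $wpdb;
    $like = '%' . $wpdb->esc_like( $term ) . '%';
    $sql  = $wpdb->prepare(
        "SELECT ID, post_title FROM {$wpdb->posts}
         WHERE post_type = %s AND post_title LIKE %s LIMIT %d",
        'product',
        $like,
        20
    );
    return $wpdb->get_results( $sql, ARRAY_A ) ?: array();
}

// wp_ajax_nopriv_* hooks are reachable by anyone who can hit admin-ajax.php,
// which is exactly the exposure the two advisories describe. Validate length
// and type before the value gets near SQL; validation is defence in depth,
// parameterisation is the fix.
add_action( 'wp_ajax_nopriv_example_search', 'example_search_ajax' );
add_action( 'wp_ajax_example_search', 'example_search_ajax' );

function example_search_ajax(): void {
    $term = isset( $_GET['s'] ) ? sanitize_text_field( wp_unslash( $_GET['s'] ) ) : '';
    if ( $term === '' || strlen( $term ) > 100 ) {
        wp_send_json_error( 'invalid search term', 400 );
    }
    wp_send_json_success( example_search_hardened( $term ) );
}
```

Auditing tip for the same class: grep a plugin for $wpdb->query, get_results, get_var and get_row calls whose argument is a double-quoted string containing a variable, then trace each variable back to $_GET, $_POST, $_REQUEST or a REST/AJAX parameter. Any such path without prepare() (or with prepare() applied to a string that already contains the interpolated value) is a CWE-89 candidate.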
Published: 2024-10-16
Title: WordPress Contact Form by Supsystic plugin <= 1.7.28 – Remote Code Execution (RCE) vulnerability
Description: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Contact Form by Supsystic (vendor: Supsystic) allows Command Injection. This issue affects Contact Form by Supsystic: from n/a through 1.7.28.
CWE: CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine
CVSS Score: 9.1 CRITICAL (CVSS 3.1), vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vendor: n/a
Product: Contact Form by Supsystic
Vulnerable Versions: n/a through 1.7.28
Proof of Concept:
Vulnerability found by: DFEND Security Researcher
References:
– https://patchstack.com/database/vulnerability/contact-form-by-supsystic/wordpress-contact-form-by-supsystic-plugin-1-7-28-remote-code-execution-rce-vulnerability?_s_id=cve
We discovered and promptly reported a dangerous XXE to @Microsoft! XXE (XML External Entity injection) is a vulnerability in which an attacker submits XML that declares external entities; when the application's parser resolves them, the attacker can read local files, reach internal services (SSRF) or exhaust parser resources, with potentially disastrous consequences such as data theft or, depending on the configuration, full compromise of the system. ⚠️ Our team of experts identified and analysed this critical flaw in a key Microsoft service, once again demonstrating DFEND's excellent level in Ethical Hacking and Penetration Testing. We are proud to have been recognised by Microsoft and listed in its Hall of Fame.
Reference:
https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing
https://portal.msrc.microsoft.com/en-us/security-guidance/researcher-acknowledgments-online-services
#cybersecurity #XXE #Microsoft #ricerca #sicurezzainformatica #halloffame #penetrationtesting
Want to protect your organisation from similar threats? Contact us today for a complete security assessment of your systems.
Reflected XSS
A reflected Cross-Site Scripting (XSS) vulnerability in LibreNMS 22.12.0 (build Fri Dec 30 2022 10:11:51 GMT+0100) allows an attacker to execute arbitrary JavaScript, including script loaded from an external origin, in the browser of a user who opens a crafted link. The injection point is the /ports/group parameter.
POC – Proof of concept
Impact
Because the script runs in the victim's authenticated LibreNMS session, the attacker can hijack that session, read data the user can see, deface the page, redirect the user to a malicious site, and use the foothold for further exploitation against the monitoring platform.
Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L (https://cvss.js.org/#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L)
References
https://github.com/librenms/librenms
https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f/
https://nvd.nist.gov/vuln/detail/CVE-2023-4347
Stored HTML Injection
easyappointments has an HTML injection vulnerability in the company name field on the /index.php/backend/settings page. The value is stored and later written into pages unencoded.
POC – Proof of concept
Impact
- A stored HTML injection occurs when an attacker's markup is saved by the application and then emitted inside its own legitimate HTML, so every visitor to the affected page receives it from the trusted origin.
- The injected markup can carry links, forms or meta refreshes, which enables open redirects, phishing pages that look like part of the application, and browser hijacking.
- Once a victim is lured to an attacker-controlled page, the attacker learns the victim's IP address and can prompt for browser permissions such as geolocation (latitude and longitude) or the camera, the basis of so-called camera phishing.
- Overall, a stored HTML injection can have severe consequences, so this class of flaw should be prevented by encoding stored values at output time.
Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L (https://cvss.js.org/#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L)
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1367
https://huntr.dev/bounties/16bc74e2-1825-451f-bff7-bfdc1ea75cc2/
https://github.com/alextselegidis/easyappointments
Stored XSS
Answer lets an administrator customise the "Site Name" during installation or on the settings page. Because the value is not sanitised or encoded, arbitrary HTML can be stored in it, which in turn allows JavaScript to execute. The XSS is triggered every time any user visits the site, since the site name is rendered on every page.
POC – Proof of concept
Impact
The impact is JavaScript code execution in the browser of every visitor. However, admin privileges are required to edit the vulnerable input field, which is why the vector carries PR:H.
Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L (https://cvss.js.org/#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L)
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1243
https://huntr.dev/bounties/1d62d35a-b096-4b76-a021-347c3f1c570c/
https://github.com/answerdev/answer
https://answer.apache.org/
Stored XSS
WebCalendar lets users add an event and display its location. The location is stored and rendered without encoding, so a stored XSS fires every time a user opens the calendar view or the event detail page.
POC – Proof of concept
Impact
If an attacker can control a script that is executed in the victim's browser, they can typically fully compromise that user: the attacker can carry out any of the actions applicable to reflected XSS, with the difference that no crafted link is needed because the payload is delivered by the application itself.
Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L (https://cvss.js.org/#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
References
https://huntr.dev/bounties/b9584c87-60e8-4a03-9e79-5f1e2d595361/
https://nvd.nist.gov/vuln/detail/CVE-2023-0289
https://github.com/craigk5n/webcalendar
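The four entries above (LibreNMS, easyappointments, Answer, WebCalendar) are all the same failure: an attacker-controlled string (a site or company name, an event location, a URL parameter) is written into HTML unchanged. The PHP below is an added example written for this page, not code from any of those projects; the $settings array and the payload are constructed stand-ins for the stored value, and the function names are assumptions. It renders the same stored value through a vulnerable sink and a hardened one so the difference can be seen on the command line.

```php
<?php
// Added example, not from LibreNMS, easyappointments, Answer or WebCalendar.
// Standalone PHP CLI script: run with `php stored_xss_demo.php`.

// Constructed attacker input standing in for a "company name", "site name"
// or "event location" row. Stored once, it is served to every visitor.
$settings = array(
    'company_name' => 'Acme <img src=x onerror="alert(document.cookie)">',
);

// Vulnerable sink: the stored value is interpolated into HTML as-is (CWE-79).
// The browser sees a real <img> element and runs its onerror handler.
function render_header_vulnerable( array $settings ): string {
    $name = $settings['company_name'];
    return "<title>{$name}</title>\n"
         . "<h1>{$name}</h1>\n"
         . "<input type=\"text\" name=\"company_name\" value=\"{$name}\">";
}

// Encoder for HTML text and double-quoted attribute contexts. ENT_QUOTES
// encodes both ' and ", so the helper is safe inside attributes too;
// ENT_SUBSTITUTE keeps invalid UTF-8 from making htmlspecialchars() return
// an empty string, which would otherwise silently drop the value.
function e( string $value ): string {
    return htmlspecialchars( $value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8' );
}

// Hardened sink: encode at output time, at every place the value is emitted.
// The same bytes are stored; only the rendering changes, so existing rows
// carrying a payload are neutralised without a data migration.
function render_header_hardened( array $settings ): string {
    $name = e( $settings['company_name'] );
    return "<title>{$name}</title>\n"
         . "<h1>{$name}</h1>\n"
         . "<input type=\"text\" name=\"company_name\" value=\"{$name}\">";
}

// Input-side validation is worth keeping as defence in depth, but it is not
// the fix: a tag filter says nothing about the attribute or JavaScript
// context a later template might place the value in.
function store_company_name( array &$settings, string $raw ): void {
    $clean = trim( $raw );
    if ( $clean === '' || mb_strlen( $clean ) > 120 ) {
        throw new InvalidArgumentException( 'company name must be 1-120 characters' );
    }
    $settings['company_name'] = $clean; // stored raw; encoding happens at render
}

echo "--- vulnerable output (browser executes the onerror handler) ---\n";
echo render_header_vulnerable( $settings ), "\n\n";
echo "--- hardened output (payload shown as literal text) ---\n";
echo render_header_hardened( $settings ), "\n";
```

The same reasoning covers the reflected LibreNMS case: the source is the request parameter instead of a database row, but the sink and the fix are identical. When reviewing a PHP or Blade template, treat every raw echo of a variable as suspect and look for the `e()`-style encoder (htmlspecialchars with ENT_QUOTES and an explicit charset) on the path from input to page; in Blade that is `{{ }}` versus `{!! !!}`.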