Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nuajik plugin <= 0.1.0 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

Pavitra Tiwari discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress nuajik CDN Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-33210: WordPress nuajik CDN plugin <= 0.1.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Easy Admin Menu Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-33929: WordPress Easy Admin Menu plugin <= 1.3 - Cross Site Scripting (XSS) - Patchstack

Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

CVE-2023-41552: founded-0-days/form_fast_setting_wifi_set/1.md at main · peris-navince/founded-0-days

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.

CVE-2023-41559: founded-0-days/fromNatStaticSetting/1.md at main · peris-navince/founded-0-days

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.

CVE-2023-41561: founded-0-days/formSetPPTPServer/1.md at main · peris-navince/founded-0-days

Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.

@@ -0,0 +1,59 @@ <?php  
namespace Tests\\Unit;  
use BookStack\\Exceptions\\HttpFetchException; use BookStack\\Util\\SsrUrlValidator; use Tests\\TestCase;  
class SsrUrlValidatorTest extends TestCase { public function test\_allowed() { $testMap = \[ // Single values \['config' => '', 'url' => '', 'result' => false\], \['config' => '', 'url' => 'https://example.com', 'result' => false\], \['config' => ' ', 'url' => 'https://example.com', 'result' => false\], \['config' => '\*', 'url' => '', 'result' => false\], \['config' => '\*', 'url' => 'https://example.com', 'result' => true\], \['config' => 'https://\*', 'url' => 'https://example.com', 'result' => true\], \['config' => 'http://\*', 'url' => 'https://example.com', 'result' => false\], \['config' => 'https://\*example.com', 'url' => 'https://example.com', 'result' => true\], \['config' => 'https://\*ample.com', 'url' => 'https://example.com', 'result' => true\], \['config' => 'https://\*.example.com', 'url' => 'https://example.com', 'result' => false\], \['config' => 'https://\*.example.com', 'url' => 'https://test.example.com', 'result' => true\], \['config' => '\*//example.com', 'url' => 'https://example.com', 'result' => true\], \['config' => '\*//example.com', 'url' => 'http://example.com', 'result' => true\], \['config' => 'https://example.com', 'url' => 'https://example.com/a/b/c?test=cat', 'result' => true\], \['config' => 'https://example.com', 'url' => 'https://example.co.uk', 'result' => false\],  
// Escapes \['config' => 'https://(.\*?).com', 'url' => 'https://example.com', 'result' => false\], \['config' => 'https://example.com', 'url' => 'https://example.co.uk#https://example.com', 'result' => false\],  
// Multi values \['config' => '\*//example.org \*//example.com', 'url' => 'https://example.com', 'result' => true\], \['config' => '\*//example.org \*//example.com', 'url' => 'https://example.com/a/b/c?test=cat#hello', 'result' => true\], \['config' => '\*.example.org \*.example.com', 'url' => 'https://example.co.uk', 'result' => false\], \['config' => ' \*.example.org \*.example.com ', 'url' => 'https://example.co.uk', 'result' => false\], \['config' => '\* \*.example.com', 'url' => 'https://example.co.uk', 'result' => true\], \['config' => '\*//example.org \*//example.com \*//example.co.uk', 'url' => 'https://example.co.uk', 'result' => true\], \['config' => '\*//example.org \*//example.com \*//example.co.uk', 'url' => 'https://example.net', 'result' => false\], \];  
foreach ($testMap as $test) { $result = (new SsrUrlValidator($test\['config'\]))->allowed($test\['url'\]); $this\->assertEquals($test\['result'\], $result, "Failed asserting url '{$test\['url'\]}' with config '{$test\['config'\]}' results " . ($test\['result'\] ? 'true' : 'false')); } }  
public function test\_enssure\_allowed() { $result = (new SsrUrlValidator('https://example.com'))->ensureAllowed('https://example.com'); $this\->assertNull($result);  
$this\->expectException(HttpFetchException::class); (new SsrUrlValidator('https://example.com'))->ensureAllowed('https://test.example.com'); } }

CVE-2023-4624: Security: Added new SSR allow list and validator · BookStackApp/BookStack@c324ad9

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo.

CVE-2023-41563: founded-0-days/GetParentControlInfo/1.md at main · peris-navince/founded-0-days

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet.

CVE-2023-41562: founded-0-days/setSmartPowerManagement/1.md at main · peris-navince/founded-0-days

Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.

CVE-2023-41560: founded-0-days/formSetFirewallCfg/1.md at main · peris-navince/founded-0-days

The AffiliateWP for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'affwp_activate_addons_page_plugin' function called via an AJAX action in versions up to, and including, 2.14.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to activate arbitrary plugins.

Source

CVE