Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arsham Mirshah Add Posts to Pages plugin <= 1.4.1 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

Found this useful? Thank Lana Codes for reporting this vulnerability. Buy a coffee ☕

Lana Codes discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Add Posts to Pages Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-23826: WordPress Add Posts to Pages plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin <= 2.0.0 versions.

**Solution**

 Fixed

Update the WordPress Catalyst Connect Zoho CRM Client Portal plugin to the latest available version (at least 2.1.0).

Hoang Van Hiep - sk4rl1ghT discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Catalyst Connect Zoho CRM Client Portal Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.1.0.

**Other vulnerabilities in this plugin**

 0 present

 2 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2022-44629: WordPress Catalyst Connect Zoho CRM Client Portal plugin <= 2.0.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Unauth. Open Redirect vulnerability in Arscode Ninja Popups plugin <= 4.7.5 versions.

**Solution**

 No fix

No patched version is provided by the vendor.

Dave Jong (Patchstack) discovered and reported this Open Redirection vulnerability in WordPress Ninja Popups Plugin. This could allow a malicious actor to redirect users from one site to the other due to the redirect URL not being validated. Users could be tricked to visiting a legitimate site to then be redirected to a malicious site and cause a phishing incident. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2022-27861: WordPress Ninja Popups plugin <= 4.7.5 - Unauth. Open Redirect vulnerability - Patchstack

Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.

Prior to this Werk, users with the permissions to (a) use the RestAPI, (b) create passwords in the password store, and (c) create active checks were able to run arbitrary commands on the site.

This issue was found during internal code review.

**Affected Versions**:

*   2.0.0
*   2.1.0
*   2.2.0 prior to version 2.2.0p4

Note that at the point of publishing this Werk and fix, the current version 2.2.0 was already not affected by this issue anymore, as the issue was already mitigated by Werk #15889.

**Indicators of Compromise**: Check the password store for passwords with unusual identifiers, review add-password events in the audit log.

**Vulnerability Management**: We have rated the issue with a CVSS Score of 8.8 (High) with the following CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. We have assigned CVE CVE-2023-31209.

**Changes**: This Werk adds proper sanitization of the affected parameter on core commands.

To the list of all Werks

CVE-2023-31209: Fix command injection via RestAPI / Password Store

A remote code execution vulnerability in the webview component of OnePlus Mall app.


CVE-2023-26309

The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE-2023-4277: class-realia-post-type-user.php in realia/tags/1.4.0/includes/post-types – WordPress Plugin Repository

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

1<?php2global $userdata;34/\*\*5 \* First we'll run the shortcode that displays the login form6 \* if the user isn't logged in. Otherwise it displays a logout link.7 \* This shortcode is found in Absolute Privacy's functions.php file8 \*/9echo do\_shortcode( '\[loginform\]' );1011/\*\*12 \* We'll only show any of this profile updating form if the user is logged in.13 \*/14if ( is\_user\_logged\_in() ) :15        require\_once( ABSPATH . WPINC . '/registration.php' ); //this file is needed for functions used below1617        $user\_id \= $userdata\->ID; //reassign the username variable to ensure everything is up to date18        $errors \= false;1920        if ( isset( $\_POST\['wp-submit'\] ) ) { // The form has been submitted2122                /\* Here we check for errors. We'll throw an error if the user has23                 \* left the first name, last name, or email address empty.24                 \*/25                if ( empty( $\_POST\['first\_name'\] ) || empty( $\_POST\['last\_name'\] ) || empty( $\_POST\['user\_email'\] ) ) {26                        $errors \= \_\_( 'You must enter a value for first name, last name, and email address.', 'absprivacy' );27                }282930                /\* Here we check if the user is trying to submit a new password.31                 \* We only update the password if there are no previous errors,32                 \* and if both inputted passwords match.33                 \*/34                if ( isset( $\_POST\['password'\] ) && false \=== $errors && ! empty( $\_POST\['password'\] ) ) {35                        if ( strtolower( $\_POST\['password'\] ) !== strtolower( $\_POST\['password2'\] ) || empty( $\_POST\['password2'\] ) ) {36                                $errors \= \_\_( 'Your passwords do not match.', 'absprivacy' );37                        } else {38                                wp\_set\_password( $\_POST\['password'\], $user\_id );39                        }40                }4142                if ( false \=== $errors ) { //no errors, so lets update the user43                        wp\_update\_user(44                                array(45                                     'ID'         \=> $user\_id,46                                     'first\_name' \=> htmlentities( trim( $\_POST\['first\_name'\] ) ),47                                     'last\_name'  \=> htmlentities( trim( $\_POST\['last\_name'\] ) ),48                                     'user\_email' \=> htmlentities( trim( $\_POST\['user\_email'\] ) )49                                )50                        );5152                        echo '<p class="profile\_updated"><em>' . \_\_( 'Your profile has been updated', 'absprivacy' ) . '</em></p>';53                } else {54                        echo '<p class="profile\_errors"><strong>ERROR:</strong> ' . $errors . '</p>';55                }56        }5758        $user \= new WP\_User( $user\_id ); // use this instead of $userdata so that the changes are reflected after a user updates the form59        ?>606162        <p><?php \_e( 'You may edit your profile using the form below.', 'absprivacy' ); ?></p>6364        <form name="profileform" action="" method="post">6566                <p>67                        <label for="first\_name"><?php \_e( 'First Name', 'absprivacy' ); ?></label>68                        <input type="text" name="first\_name" id="first\_name" class="input" value="<?php echo $user\->first\_name; ?>"69                               size="30" tabindex="10"/>70                </p>7172                <p>73                        <label for="last\_name"><?php \_e( 'Last Name', 'absprivacy' ); ?></label>74                        <input type="text" name="last\_name" id="last\_name" class="input" value="<?php echo $user\->last\_name; ?>"75                               size="30" tabindex="20"/>76                </p>777879                <p>80                        <label for="user\_email"><?php \_e( 'Email Address', 'absprivacy' ); ?></label>81                        <input type="text" name="user\_email" id="user\_email" class="input" value="<?php echo $user\->user\_email; ?>"82                               size="40" tabindex="30"/>83                </p>8485                <p><?php \_e( 'You may also change your password (optional).', 'absprivacy' ); ?></p>8687                <p>88                        <label for="password"><?php \_e( 'Password', 'absprivacy' ); ?></label>89                        <input type="password" name="password" id="password" class="input" value="" size="20" tabindex="40"/> <br/>90                        <label for="password2"><?php \_e( 'And Again', 'absprivacy' ); ?></label>91                        <input type="password" name="password2" id="password2" class="input" value="" size="20" tabindex="50"/>92                </p>9394                <input type="submit" name="wp-submit" id="wp-submit" class="button-primary" value="<?php \_e( 'Submit Changes', 'absprivacy' ); ?>" tabindex="100"/>95        </form>96<?php endif; ?>

CVE-2023-4276: profile_page.php in absolute-privacy/trunk – WordPress Plugin Repository

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.

It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.

Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at https://www.samsung.com/request-desk.

You can also contact us at:

European Data Protection Officer  
Samsung Electronics (UK) Limited  
Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS

**Cookies**

Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.

We use the following types of cookies on this website:

**Essential Cookies**: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided.

Cookie

Domain

Purpose

JSESSIONID

security.samsungmobile.com

to keep login session

lastActivityTime

security.samsungmobile.com

to save the user's last activity time to automatically logout after 30 minutes of inactivity

**Managing Cookies and Other Technologies**

You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at http://www.allaboutcookies.org.

CVE-2023-30705: Samsung Mobile Security

PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.

CVE-2023-30701: Samsung Mobile Security

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel, even if this traffic is not generated by the VPN client, while simultaneously using plaintext DNS to look up the VPN server's IP address. This allows an adversary to trick the victim into sending traffic to arbitrary IP addresses in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "ServerIP attack, combined with DNS spoofing, that can leak traffic to an arbitrary IP address" rather than to only Avira Phantom VPN.

Source

CVE