Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-47313: CVE-2023-47313 – Headwind MDM Web panel 5.22.1 – File Reading via Uncontrolled File Operation - Boltonshield

Headwind MDM Web panel 5.22.1 is vulnerable to Directory Traversal.

CVE
Open in Source
#vulnerability#web#auth
CVE-2023-47314: CVE-2023-47314 – Headwind MDM Web panel 5.22.1 – XSS via Uncontrolled File Upload - Boltonshield

Headwind MDM Web panel 5.22.1 is vulnerable to Cross Site Scripting (XSS) via Uncontrolled File Upload.

CVE-2023-47315: CVE-2023-47315 – Headwind MDM Web panel 5.22.1 – Hardcoded JWT Secret - Boltonshield

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT Secret.

CVE-2023-47316: CVE-2023-47316 – Headwind MDM Web panel 5.22.1 – Missing Permission Control - Boltonshield

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control. The Web panel allows users to gain access to potentially sensitive API calls such as listing users and their data, file management API calls and audit-related API calls.

WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Escalation

WordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities.

CVE-2023-5466: Wp anything slider <= 9.1 - Authenticated (Subscriber+) SQL Injection via Shortcode — Wordfence Intelligence

The Wp anything slider plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2023-5465: Popup with fancybox <= 3.5 - Authenticated (Subscriber+) SQL Injection via Shortcode — Wordfence Intelligence

The Popup with fancybox plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE-2023-5419: Funnelforms Free <= 3.4 - Missing Authorization to Test Email Sending — Wordfence Intelligence

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsf_af2_test_mail function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to send test emails to an arbitrary email address.

CVE-2023-6160: LifterLMS <= 7.4.2 - Authenticated(Administrator+) Directory Traversal to Arbitrary CSV File Deletion — Wordfence Intelligence

The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 7.4.2 via the maybe_serve_export function. This makes it possible for authenticated attackers, with administrator or LMS manager access and above, to read the contents of arbitrary CSV files on the server, which can contain sensitive information as well as removing those files from the server.

CVE-2023-6007: UserPro <= 5.1.1 - Missing Authorization via multiple functions — Wordfence Intelligence

The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.