Cross-Site Request Forgery (CSRF) vulnerability in Kenth Hagström WP-Cache.Com plugin <= 1.1.1 versions.

**Solution**

 No fix

No patched version is available. The WordPress plugins review team was notified on 2023 May 2.

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress WP-Cache.com Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34177: WordPress WP-Cache.com plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for ??????????? plugin <= 3.1.2 versions.

**Solution**

 Fixed

Update the WordPress TS Webfonts for さくらのレンタルサーバ plugin to the latest available version (at least 3.1.3).

Found this useful? Thank yuyudhn for reporting this vulnerability. Buy a coffee ☕

yuyudhn discovered and reported this Broken Access Control vulnerability in WordPress TS Webfonts for さくらのレンタルサーバ Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has been fixed in version 3.1.3.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34169: WordPress TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin <= 2.0.1 versions.

**Solution**

 No fix

No patched version is available. The WordPress plugins review team was notified on 2023 April 21.

Justiice discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Ajax Pagination and Infinite Scroll Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34033: WordPress Ajax Pagination and Infinite Scroll plugin <= 2.0.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

No match.

Moodle official production repository

RSS Atom

CVE-2023-5545: Official Moodle git projects - moodle.git/search

By Daily Contributors
By Liz Smith, Digital Marketing Consultant for Elsewhen – Digital technologies have transformed how we live, work, and…
This is a post from HackRead.com Read the original post: Opinion: The Pros and Cons of the UK’s New Digital Regulation Principles

_By Liz Smith, Digital Marketing Consultant for Elsewhen_ – Digital technologies have transformed how we live, work, and play. The UK government’s announced approach in October 2023, with its objectives and principles for digital regulation, is a commendable stride in this direction. However, like all regulatory propositions, it’s not without its merits and drawbacks.

****The Pros****

**1\. Encouraging Innovation:**  A central tenet of the UK’s approach is the promotion of innovation. By committing to minimise unnecessary regulatory burdens and considering non-regulatory measures first, the UK is sending a clear message to start-ups and scale-ups that they are a valued part of the ecosystem. This can position the UK as a hub for digital entrepreneurship.

**2\. A Holistic, Forward-Thinking Approach:**  The emphasis on achieving forward-looking and coherent outcomes acknowledges the fluid nature of digital technology. Addressing the root causes rather than merely the symptoms of digital challenges ensures that regulations remain relevant and effective as technology evolves.

**3\. Global Considerations:**  Digital technologies are borderless. By considering international commitments, regulations developed by other nations, and international interoperability, the UK is taking a step to ensure that its domestic policies align with global standards and trends.

****The Cons****

**1\. Potential for Ambiguity:**  While the vision is comprehensive, it can also be viewed as broad. Without explicit details on how certain trade-offs will be managed, businesses might find it challenging to anticipate the exact regulatory environment and make long-term decisions.

**2\. Balancing Innovation and Safety:**  The twin goals of promoting innovation and ensuring safety can sometimes be at odds. There’s a potential risk that in the bid to foster innovation, regulatory oversight might not be as stringent as needed, leading to unforeseen challenges down the line.

**3\. Risk of Overlapping Regulations:**  Though the aim is to ensure coherence and minimise overlaps, the interconnected nature of digital technologies means that there’s a risk of inadvertently creating overlapping or contradictory regulations, especially as technology continually evolves.

**In Conclusion**: The UK’s approach to digital regulation is a vital step towards shaping a future where digital technologies can thrive while ensuring the safety and security of its citizens. As with any regulation, its effectiveness will largely depend on its execution and adaptability. It’s vital for stakeholders, including businesses like ours at Elsewhen, to engage proactively with the government to refine and enhance these principles, ensuring a win-win for all.

_**Disclaime**r: The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of Elsewhen or any of its affiliates._

1.  **Top SEO Agencies in the UK: Expert Insights**
2.  **The 10 Best Cybersecurity Companies in the UK**
3.  **Navigating London’s Free Electric Car Charging Points**
4.  **The Evolution of Influencer Marketing in Manchester, UK**
5.  **SEO vs. PPC: Choosing the Right Strategy for Your Business**

Opinion: The Pros and Cons of the UK’s New Digital Regulation Principles 

Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions.

**Solution**

 Fixed

Update the WordPress Groundhogg plugin to the latest available version (at least 2.7.11.1).

Found this useful? Thank Rafshanzani Suhada for reporting this vulnerability. Buy a coffee ☕

Rafshanzani Suhada discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Groundhogg Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has been fixed in version 2.7.11.1.

**Other vulnerabilities in this plugin**

 0 present

 7 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34178: WordPress Groundhogg plugin <= 2.7.11 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions.

**Solution**

 No fix

No patched version is available. The WordPress plugins review team was notified on 2023 May 2.

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress WP-Cirrus Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 2 present

 0 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34181: WordPress WP-Cirrus plugin <= 0.6.11 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions.

**Solution**

 No fix

No patched version is available. The WordPress plugins review team was notified on 2023 April 17.

Found this useful? Thank Mika for reporting this vulnerability. Buy a coffee ☕

Mika discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress LH Password Changer Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34182: WordPress LH Password Changer plugin <= 1.55 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions.

**Solution**

 No fix

No patched version is available. No reply from the vendor.

LEE SE HYOUNG (hackintoanetwork) discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Download SpamReferrerBlock Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 2 present

 0 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-34371: WordPress SpamReferrerBlock plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

It can be easy to get caught up in the “big” questions in cybersecurity, like how to stop ransomware globally or keep hospitals up and running when they’re targeted by data theft extortion.

Thursday, November 9, 2023 14:11

I found the juxtaposition of stories on the Talos blog over the past week-plus kind of funny. 

On one hand, we had a massive story about Arid Viper, a Middle Eastern threat actor spreading spyware, one of the most dangerous types of malware out there right now, operating out of Gaza no less. 

Then, we had “Roblox,” a children’s video game (which I’ve written about multiple times and I maintain was the OG metaverse).  

The scale of these attacks is obviously vastly different. Spyware is being used across the globe to monitor some of the most vulnerable activists, journalists and government officials to track their physical movement.  

Meanwhile, “Roblox” players are losing money in a game where the characters look like vague LEGO minifigure knockoffs.  

And the blog homepage is just a perfect encapsulation of how cybersecurity means more than just blocking malware. It can mean teaching your children how to stay safe when they go online, how to properly lock down your login credentials and just being smart at spotting scams. 

But it can also have global implications in areas where there is a global military conflict, just like we’ve written about countless times in Ukraine. 

I would never call one security researcher’s work more “important” than another's — everyone in the security community works extremely hard to keep the internet safe, no matter what company you work for or what your area of expertise is. Tiago from our Outreach team who wrote about the “Roblox” scams has certainly done way more malware research beyond this. But it’s clear that the real-world implications of both these threats are very different. 

For me, the takeaway is just to leave room for all of this. It can be easy to get caught up in the “big” questions in cybersecurity, like how to stop ransomware globally or keep hospitals up and running when they’re targeted by data theft extortion. But that doesn’t mean we can ignore the “small stuff” either because those problems are more likely to end up on our virtual front door. 

If I may continue to plug Talos’ work, we have a new video series launching today, too, under our Threat Spotlight banner. Each month, Decipher reporters and Talos researchers will team up to recap the top stories, malware and threats in the headlines. We’re excited about this new partnership with Decipher.

 **The one big thing **

Attackers are using a new tactic to get spam through their email inbox filters via Google Forms. Google Forms has a “quiz” option for their fields, and adversaries have found a workaround to send the “answers” to a quiz to targets, which are actually spam messages that appear to the user like they’re legitimate messages coming from Google. In one case, we found a deep cryptocurrency-related scam using this method, and other actors are just hoping to get the user to click on a malicious link that could lead to other scams or malware.  

**Why do I care? **

The average user is going to see a message from Google Forms, especially after they just filled out a Form, and assume it’s legitimate, so attackers are more likely to be successful using this method of delivering their spam compared to traditional email methods. Google Forms abuse has been present in spam attacks for several years, though our investigation showed that this particular feature of Google Forms quizzes was not very heavily abused to send spam until relatively recently. 

**So now what? **

As with all types of spam, follow the basic rule, “If it seems too good to be true, it probably is.” While there is no concrete method of blocking these comments and quiz results from coming through, if you’re using Google Forms, be weary of illegitimate messages making their way through. Look for things like misspellings, typos, or URLs that you don’t recognize.  

**Top security headlines of the week **

**A coalition of more than 40 international governments, including the European Union and Interpol, have agreed to not pay ransomware attackers’ extortion payments.** The commitment came from last week's U.S.-led Counter Ransomware Initiative meeting and applies to those countries’ government agencies. Private companies who operate in these nations are most often the targets of ransomware, however, but leaders hope the pledge will influence them to take the same stance. Whether to pay the ransom is often a tough decision for the private sector, which needs to balance the cost of keeping their network operations offline during recovery versus having their files returned as quickly as possible. However, there is never a guarantee that the ransomware actor will provide a decryption key as promised. Government officials hope that cutting off the flow of income to the threat actors will dry up their resources and discourage future attacks. (Axios, Reuters) 

**Atlassian elevated a recently disclosed vulnerability to the maximum severity rating after threat actors started exploiting it to deliver the Cerber ransomware.** CVE-2023-22518 is an improper authorization vulnerability in Confluence Data Center and Server, which first received a patch on Oct. 31. Adversaries can exploit this vulnerability on internet-facing Confluence servers by sending specially devised requests to setup-restore endpoints. Confluence accounts hosted in Atlassian’s cloud environment are not affected, according to the company. In its initial disclosure of CVE-2023-22518, Atlassian warned of “significant data loss if exploited” and said, “customers must take immediate action to protect their instances.” (SC Media, Ars Technica) 

**The Mozi botnet mysteriously has gone offline, and experts are unsure if the original creators are responsible.** Mozi was once a massive network that attackers used to carry out distributed denial-of-service (DDoS) attacks, data exfiltration and payload execution against internet-of-things (IoT) devices. Once one of the largest botnets in the world, it’s now essentially offline, according to security researchers. A kill switch seems to be the root cause, though it’s unclear if the operators did this on their own volition if they had their hand forced by law enforcement, or if another third party was involved. The kill switch code shares some code snippets with the original botnet, and whoever deployed it used the correct private keys to sign the payload. Botnets tend to still come back to life after reported takedowns, so there is no guarantee that Mozi is gone forever. (Dark Reading, The Register) 

**Can’t get enough Talos? **

*   Threat Roundup for Oct. 27 - Nov. 3 
*   Talos Takes Ep. #161 (XL Edition): The top incident response trends of Q3 
*   Cisco Talos researcher Nick Biasini on chasing APTs, mercenary hackers 
*   Cyber attackers are increasingly targeting web applications 

**Upcoming events where you can find Talos **

**Black Hat Middle East and Africa** **(Nov. 16)** 

_Riyadh, Saudi Arabia_ 

> _Rami Atalhi from Talos Incident Response will discuss how generative AI affects red and blue teams in cybersecurity. Discover how generative AI creates a bridge between these teams, fostering teamwork and innovative strategies. Real-world cases will demonstrate how generative AI drives success, providing insights for building resilient cybersecurity plans._ 

**misecCON** **(Nov. 17)** 

_Lansing, Michigan_ 

> _Terryn Valikodath from Talos Incident Response will deliver a talk providing advice on the best ways to conduct analysis, learning from his years of experience (and mishaps). He will speak about the everyday tasks he and his Talos IR teammates must go through to properly perform analysis. This talk covers topics such as planning, finding evil, recording findings, correlation and creating your own timelines._ 

**"Power of the Platform” by Cisco** **(Dec. 5 & 7)** 

_Virtual (Please note: This presentation will only be given in German)_ 

> _The annual IT event at the end of the year where Cisco experts, including Gergana Karadzhova-Dangela from Cisco Talos Incident Response, discuss the future-oriented topics in the implementation of digitalization together with you._  

**Most prevalent malware files from Talos telemetry over the past week **

**SHA 256: a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91**    
**MD5:** 7bdbd180c081fa63ca94f9c22c457376   
**Typical Filename:** c0dwjdi6a.dll   
**Claimed Product:** N/A    
**Detection Name:** Trojan.GenericKD.33515991 

**SHA 256:** bea312ccbc8a912d4322b45ea64d69bb3add4d818fd1eb7723260b11d76a138a   
**MD5:** 200206279107f4a2bb1832e3fcd7d64c   
**Typical Filename:** lsgkozfm.bat   
**Claimed Product:** N/A   
**Detection Name:** Win.Dropper.Scar::tpd 

**SHA 256:** 8664e2f59077c58ac12e747da09d2810fd5ca611f56c0c900578bf750cab56b7    
**MD5:** 0e4c49327e3be816022a233f844a5731    
**Typical Filename:** aact.exe    
**Claimed Product:** AAct x86    
**Detection Name:** PUA.Win.Tool.Kmsauto::in03.talos 

**SHA 256: 5e537dee6d7478cba56ebbcc7a695cae2609010a897d766ff578a4260c2ac9cf**   
**MD5:** 2cfc15cb15acc1ff2b2da65c790d7551   
**Typical Filename:** rcx4d83.tmp   
**Claimed Product:** N/A     
**Detection Name:** Win.Dropper.Pykspa::tpd 

**SHA 256:** 975517668a3fe020f1dbb1caafde7180fd9216dcbf0ea147675ec287287f86aa   
**MD5:** 9403425a34e0c78a919681a09e5c16da   
**Typical Filename:** vincpsarzh.exe   
**Claimed Product:** N/A   
**Detection Name:** Win.Dropper.Scar::tpd

Tag

#auth