Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CVE-2023-47687: WordPress Woo Custom and Sequential Order Number plugin <= 2.6.0 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in VJInfotech Woo Custom and Sequential Order Number plugin <= 2.6.0 versions.

CVE
#csrf#vulnerability#wordpress#auth
CVE-2023-47686: WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.

CVE-2023-47688: WordPress Youtube SpeedLoad plugin <= 0.6.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Alexufo Youtube SpeedLoad plugin <= 0.6.3 versions.

CVE-2023-43275: dedecms/v5.7_110-CSRF.md at main · thedarknessdied/dedecms

Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form.

CVE-2023-47637: SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()

Pimcore is an Open Source Data & Experience Management Platform. In affected versions the `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. This vulnerability has been addressed in version 11.1.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

GHSA-72hh-xf79-429p: Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()

### Summary User input passed directly into an SQL statement allows (non-admin) backend users to execute arbitrary SQL statements. ### Details The `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for at https://github.com/pimcore/admin-ui-classic-bundle/blob/bba7c7419cb1f06d5fd98781eab4d6995e4e5dca/src/Helper/GridHelperService.php#L311, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value: https://github.com/pimcore/pimcore/blob/42b6cfa77c4540205bdd10689893ccb73e4bac8f/models/DataObject/ClassDefinition/Data/Multiselect.php#L285-L312 ### PoC * Set up an example project as described on https://pimcore.com/docs/platform/Pimcore/Getting_Started/Installation/Docker_Based_Installation (demo package with example content) * Enter the backend and add a new user without admin privileges, but the "Objec...

CVE-2023-47550: WordPress Donations Made Easy – Smart Donations plugin <= 4.0.12 - Cross Site Scripting (XSS) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations allows Stored XSS.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.

CVE-2023-48020: dreamer_cms/Enable CSRF for Task Management Office.md at main · moonsabc123/dreamer_cms

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/task/changeStatus.

CVE-2023-45879: usd-2023-0019 - usd HeroLab

GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME element to the Messager component.