Month: November 2023

LockBit 3.0 Ransomware Victim: ribolia[.]com

November 25, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

UserPro Plugin for WordPress information disclosure | CVE-2023-2446

November 25, 2023

NAME__________UserPro Plugin for WordPress information disclosurePlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________UserPro Plugin for WordPress could allow...

OpenHarmony information disclosure | CVE-2023-46100

November 25, 2023

NAME__________OpenHarmony information disclosurePlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenHarmony could allow a local attacker to obtain sensitive information, caused by the use...

UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2438

November 25, 2023

NAME__________UserPro Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UserPro Plugin for WordPress is...

UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2447

November 25, 2023

UserPro Plugin for WordPress security bypass | CVE-2023-2448

November 25, 2023

NAME__________UserPro Plugin for WordPress security bypassPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________UserPro Plugin for WordPress could allow...

OpenHarmony denial of service | CVE-2023-47217

November 25, 2023

NAME__________OpenHarmony denial of servicePlatforms Affected:Risk Level:4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________OpenHarmony is vulnerable to a denial of service, caused by a buffer...

Anywhere Flash Embed Plugin for WordPress cross-site scripting | CVE-2023-47811

November 25, 2023

NAME__________Anywhere Flash Embed Plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Anywhere Flash Embed Plugin for WordPress is vulnerable to...

Add Widgets to Page Plugin for WordPress cross-site scripting | CVE-2023-47808

November 25, 2023

NAME__________Add Widgets to Page Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Add Widgets to Page Plugin for WordPress 1.3.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...

BP Profile Shortcodes Extra Plugin for WordPress cross-site scripting | CVE-2023-47815

November 25, 2023

NAME__________BP Profile Shortcodes Extra Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress BP Profile Shortcodes Extra Plugin for WordPress 2.5.2Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting...

Bamboo Columns Plugin for WordPress cross-site scripting | CVE-2023-47812

November 25, 2023

NAME__________Bamboo Columns Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Bamboo Columns Plugin for WordPress 1.6.1Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bamboo Columns Plugin for...

BMI Calculator Plugin for WordPress cross-site scripting | CVE-2023-47814

November 25, 2023

NAME__________BMI Calculator Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress BMI Calculator Plugin for WordPress 1.0.3Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________BMI Calculator Plugin for...

Elastic Elasticsearch denial of service | CVE-2023-46673

November 25, 2023

NAME__________Elastic Elasticsearch denial of servicePlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Elastic Elasticsearch is vulnerable to a denial of service, caused by...

Accordion Plugin for WordPress cross-site scripting | CVE-2023-47809

November 25, 2023

NAME__________Accordion Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Accordion Plugin for WordPress 2.6Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Accordion Plugin for WordPress is vulnerable...

Ajax Domain Checker Plugin for WordPress cross-site scripting | CVE-2023-47810

November 25, 2023

NAME__________Ajax Domain Checker Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress UserPro Plugin for WordPress 5.1.0Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Ajax Domain Checker Plugin...

Charitable Plugin for WordPress cross-site scripting | CVE-2023-47816

November 25, 2023

NAME__________Charitable Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Charitable Plugin for WordPress 1.7.0.13Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Charitable Plugin for WordPress is vulnerable...

Daily Prayer Time Plugin for WordPress cross-site scripting | CVE-2023-47817

November 25, 2023

NAME__________Daily Prayer Time Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Daily Prayer Time Plugin for WordPress 2023.10.13Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Daily Prayer...

Month: November 2023

LockBit 3.0 Ransomware Victim: ribolia[.]com

UserPro Plugin for WordPress information disclosure | CVE-2023-2446

OpenHarmony information disclosure | CVE-2023-46100

UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2438

UserPro Plugin for WordPress cross-site request forgery | CVE-2023-2447

UserPro Plugin for WordPress security bypass | CVE-2023-2448

OpenHarmony denial of service | CVE-2023-47217

Anywhere Flash Embed Plugin for WordPress cross-site scripting | CVE-2023-47811

Add Widgets to Page Plugin for WordPress cross-site scripting | CVE-2023-47808

BP Profile Shortcodes Extra Plugin for WordPress cross-site scripting | CVE-2023-47815

Bamboo Columns Plugin for WordPress cross-site scripting | CVE-2023-47812

BMI Calculator Plugin for WordPress cross-site scripting | CVE-2023-47814

Elastic Elasticsearch denial of service | CVE-2023-46673

Accordion Plugin for WordPress cross-site scripting | CVE-2023-47809

Ajax Domain Checker Plugin for WordPress cross-site scripting | CVE-2023-47810

Charitable Plugin for WordPress cross-site scripting | CVE-2023-47816

Daily Prayer Time Plugin for WordPress cross-site scripting | CVE-2023-47817

Better RSS Widget Plugin for WordPress cross-site scripting | CVE-2023-47813

New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government

UK and South Korea: Hackers use zero-day in supply-chain attack

Cyberattack on IT provider CTS impacts dozens of UK law firms

Critical bug in ownCloud file sharing app exposes admin passwords

CISA Launches Project to Assess Effectiveness of Security Controls

Black Friday: Phishing Emails Soar 237%

CVE Alert: CVE-2024-52867

CVE Alert: CVE-2020-25720

CVE Alert: CVE-2023-4639

CVE Alert: CVE-2023-1419

CVE Alert: CVE-2023-43091

You may have missed