Patrice Corteel

[CVE-2024-8853: CRITICAL] WordPress plugin Webo-facto vulnerable to privilege escalation up to version 1.40. Attackers can exploit 'doSsoAuthentification' function to become administrators with username '-wfuser'. Update plugin for cyber security. https://lnkd.in/eh4rMBct

[CVE-2024-8436: CRITICAL] WordPress Gallery Plugin WP Easy Gallery is vulnerable to SQL Injection, up to version 4.8.5. Attackers can exploit 'edit_imageId' and 'edit_imageDelete' parameters to extract sensitive data with subscribed user access or higher. https://lnkd.in/e_V4raRX

🚨 SECURITY ALERT: CVE-2024-7349 - LifterLMS 🚨 📝 CVE DETAILS: - 🆔 Vulnerability: CVE-2024-7349 - 🔥 Severity: High - 📉 CVSS Score: 7.2 - 🎯 Exploit Probability EPSS: The EPSS for this CVE has not been published yet. - 📜 Status according to CISA: Not actively exploited vulnerability. - 🛠️ Exploit: No exploit on GitHub or ExploitDB. - 🛡️ IoCs: No IoCs associated - 📅 Publication Date: 06/09/2024 07:33 UTC - 🌐 References: https://lnkd.in/etwTw-2r https://lnkd.in/egXc6_fB - 🖥️ Vulnerable Software: LifterLMS, <= 7.7.5, WordPress Plugin 🔍 EXPLANATION: The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injection via the 'order' parameter in all versions up to, and including, 7.7.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. 📈 TECHNICAL IMPACT: Attack Vector: Network access, Internet. Attack Complexity: Easy to exploit, does not require special skills. Privileges Required: Requires administrative privileges. User Interaction: No user interaction needed, can occur in the background. Scope: Does not spread to other systems Confidentiality: May reveal sensitive and critical information. Integrity: May modify or destroy important data. Availability: May cause the system to stop working completely. 🤖 Bot-generated post, gathering data from multiple sources and enhanced by AI. 📩 Contact: [email protected] #LifterLMS #CyberSecurity #InfoSec #Vulnerability #TechNews #AI #Automation

Interested in some FREE video content? Here is a video about Mapping Active Directory with BloodHound | Active Directory Red Teaming Tutorial | https://lnkd.in/dYF3XNvE #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource

Interested in some FREE video content? Here is a video about Mapping Active Directory with BloodHound | Active Directory Red Teaming Tutorial | https://lnkd.in/dYF3XNvE #infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource

‘Netfetcher’ package drops illicit ‘node’ binary on WindowsRecently identified PyPI packages called "netfetcher" and "pyfetcher" impersonate open source libraries and target Windows users with malicious executables that have a zero detection rate among leading antivirus engines. Furthermore, some of these executables are called "node.exe" and even bear the NodeJS icon and metadata, making them evasive and easily mistaken for legitimate libraries. The post ‘Netfetcher’ package drops illicit ‘node’ binary on Windows appeared first on Security Boulevard. Article Link: 'Netfetcher' package drops illicit 'node' binary on Windows - Security Boulevard 1 post - 1 participant Read full topic‘Netfetcher’ package drops illicit ‘node’ binary on Windows

🚨 SECURITY ALERT: CVE-2024-6698 - FundEngine plugin 🚨 📝 CVE DETAILS: - 🆔 Vulnerability: CVE-2024-6698 - 🔥 Severity: High - 📉 CVSS Score: 8.8 - 🎯 Exploit Probability EPSS: The EPSS for this CVE has not been published yet. - 📜 Status according to CISA: Not actively exploited vulnerability. - 🛠️ Exploit: No exploit on GitHub or ExploitDB. - 🛡️ IoCs: No IoCs associated - 📅 Publication Date: 01/08/2024 04:44 UTC - 🖥️ Vulnerable Software: FundEngine plugin, WordPress 🔍 EXPLANATION AND MITIGATION: 1. Cause of the Vulnerability: The FundEngine plugin for WordPress allows users to update their user metadata without proper verification. This means that attackers can change their user metadata to gain administrator privileges, even if they only have subscriber-level access. 2. Steps for Mitigation: 1. Update the FundEngine plugin to version 1.7.1 or later. 2. If you cannot update the plugin immediately, you can disable it by going to the "Plugins" page in your WordPress dashboard and clicking "Deactivate" next to the FundEngine plugin. 3. Once the plugin is disabled, you should manually check all user metadata and remove any suspicious entries. You can do this by going to the "Users" page in your WordPress dashboard and clicking "Edit" next to each user. 4. In the "User Profile" section, look for any suspicious entries in the "User Metadata" field. If you find any suspicious entries, delete them. 5. Once you have checked all user metadata, you can re-enable the FundEngine plugin. 📈 TECHNICAL IMPACT: Attack Vector: Network access, Internet. Attack Complexity: Easy to exploit, does not require special skills. Privileges Required: Requires some limited privileges. User Interaction: No user interaction needed, can occur in the background. Scope: Does not spread to other systems Confidentiality: May reveal sensitive and critical information. Integrity: May modify or destroy important data. Availability: May cause the system to stop working completely. 🔗 STAY SAFE AND INFORMED #FundEngineplugin #CyberSecurity #InfoSec #Vulnerability #TechNews #AI #Automation