CVE-2024-11466

CVE-2024-11466

Título es
CVE-2024-11466

Mié, 04/12/2024 – 08:15

Tipo
CWE-79

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-11466

Descripción es
El complemento Intro Tour Tutorial DeepPresentation para WordPress es vulnerable a Cross Site Scripting reflejado a través del parámetro 'tab' en todas las versiones hasta la 6.5.2 incluida, debido a una desinfección de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten scripts web arbitrarios en páginas que se ejecutan si logran engañar a un usuario para que realice una acción, como hacer clic en un enlace.

Descripción en
The Intro Tour Tutorial DeepPresentation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 6.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

04/12/2024
04/12/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)
6.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

  • https://plugins.trac.wordpress.org/browser/dp-intro-tours/tags/6.5.2/admin/class-dp-intro-tours-admin-settings.php#L125

  • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3198780%40dp-intro-tours&new=3198780%40dp-intro-tours

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/1fe082a7-3d36-48b4-b81f-1e65e5ea430d?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-11293

    CVE-2024-11293

    Título es
    CVE-2024-11293

    Mié, 04/12/2024 – 08:15

    Tipo
    CWE-287

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-11293

    Descripción es
    El complemento Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login es vulnerable a la omisión de autenticación en todas las versiones hasta la 1.7.9 incluida. Esto se debe a una verificación insuficiente del usuario que devuelve el token de inicio de sesión de redes sociales. Esto hace posible que atacantes no autenticados inicien sesión como cualquier usuario existente en el sitio, como un administrador, si tienen acceso al correo electrónico y el usuario no tiene una cuenta ya existente para el servicio que devuelve el token.

    Descripción en
    The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email and the user does not have an already-existing account for the service returning the token.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    8.10

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    HIGH

    Referencias

  • https://pieregister.com/

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/466ff226-a47e-46f1-a46c-6260208ffd42?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-10664

    CVE-2024-10664

    Título es
    CVE-2024-10664

    Mié, 04/12/2024 – 08:15

    Tipo
    CWE-862

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-10664

    Descripción es
    El complemento Knowledge Base documentation & wiki plugin – BasePress Docs para WordPress es vulnerable a la modificación no autorizada de datos debido a una verificación de capacidad faltante en la función basepress_db_posts_update() en todas las versiones hasta la 2.16.3.3 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, actualicen la base de datos.

    Descripción en
    The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the basepress_db_posts_update() function in all versions up to, and including, 2.16.3.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the database.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    4.30

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3201489%40basepress&new=3201489%40basepress

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/3aa6f3c2-0e45-4243-a26d-ba1c702fbe11?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-11747

    CVE-2024-11747

    Título es
    CVE-2024-11747

    Mié, 04/12/2024 – 03:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-11747

    Descripción en
    The Responsive Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'somryv' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.40

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://plugins.trac.wordpress.org/browser/responsive-youtube-videos/trunk/includes/somryv-shortcodes.php

  • https://wordpress.org/plugins/responsive-youtube-videos/

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/f723be00-79f1-4a24-8502-2c5844ccc5de?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-11093

    CVE-2024-11093

    Título es
    CVE-2024-11093

    Mié, 04/12/2024 – 03:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-11093

    Descripción en
    The SG Helper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in version 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    5.50

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://wordpress.org/plugins/sg-helper/#developers

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/9016822f-f167-4225-8216-e74cd687443c?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-11897

    CVE-2024-11897

    Título es
    CVE-2024-11897

    Mié, 04/12/2024 – 03:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-11897

    Descripción en
    The Contact Form, Survey & Form Builder – MightyForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mightyforms' shortcode in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.40

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://plugins.trac.wordpress.org/browser/mightyforms/trunk/shortcode.php#L13

  • https://wordpress.org/plugins/mightyforms/

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/c691e469-3bd2-415d-8feb-9ae94aeaf339?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-11813

    CVE-2024-11813

    Título es
    CVE-2024-11813

    Mié, 04/12/2024 – 03:15

    Tipo
    CWE-352

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-11813

    Descripción en
    The Pulsating Chat Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6. This is due to missing or incorrect nonce validation on the amin_chat_button_settings_page() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.10

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://plugins.trac.wordpress.org/browser/amin-chat-button/trunk/chat-button.php#L24

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/cea8295b-b4be-4a95-9137-ad2033a5169d?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-11807

    CVE-2024-11807

    Título es
    CVE-2024-11807

    Mié, 04/12/2024 – 03:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-11807

    Descripción en
    The NPS computy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'data1' and 'data2' parameters in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

    04/12/2024
    04/12/2024
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.10

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3198661%40nps-computy/trunk&old=3141365%40nps-computy/trunk#file0

  • https://www.wordfence.com/threat-intel/vulnerabilities/id/fabeeba6-f3c0-4f9c-a12f-c97801aad810?source=cve

    • Enviar en el boletín
    Off

    CVE-2024-9404 | INCIBE-CERT | INCIBE

    Descripción

    *** Pendiente de traducción *** Moxa’s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could lead to a denial-of-service condition or cause a service crash. This vulnerability allows attackers to exploit the Moxa service, commonly referred to as moxa_cmd, originally designed for deployment. Because of insufficient input validation, this service may be manipulated to trigger a denial-of-service.
    This vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent potential exploitation.

    CVE-2024-12123

    CVE-2024-12123

    Título es
    CVE-2024-12123

    Mié, 04/12/2024 – 04:15

    Tipo
    CWE-472

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-12123

    Descripción en
    A hidden field manipulation vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. 

    When an authenticated user submits a ticket, the request can be intercepted and subsequently modified by using a proxy.  The ticket requester can be changed from the original requester to another user in the same application,
    which the application then accepts.

    04/12/2024
    04/12/2024
    Vector CVSS:4.0
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    Gravedad 4.0
    5.30

    Gravedad 4.0 txt
    MEDIUM

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://helpcenter.issuetrak.com/home/2340-issuetrak-release-notes

    • Enviar en el boletín
    Off