CVE-2022-3589 An API endpoint used by Miele's "AppWash" was vulnerable to an authorization bypass.
The only risk to availability was the low-privileged attacker being able to change the password of another user, thus resulting in a change of
CVE-2022-41609 - Exploiting SSRF in Better Messages WordPress Plugin (Subscriber+ Auth Required)
WordPress powers millions of websites, and plugins extend its features. But what happens if a plugin has a dangerous security flaw? In this post, we’
CVE-2022-34827 - Exploiting Improper Access Control in Carel Boss Mini 1.5.
---
Quick Summary:
CVE-2022-34827 is a serious security vulnerability found in the Carel Boss Mini 1.5. industrial controller. This flaw lets unauthenticated users access
CVE-2022-44583 - Unauthorized Arbitrary File Download in WatchTowerHQ Plugin <= 3.6.15 for WordPress — Deep Dive Exploit Analysis
WordPress sites are a frequent target for hackers, mostly because of their huge ecosystem of third-party plugins. Unfortunately, one of these popular plugins, WatchTowerHQ, had
CVE-2022-45073 REST API Authentication plugin = 2.4.0 has a CSRF vulnerability.
REST API Authentication plugin is used to protect your WordPress REST API based authentication with username and password. REST API Authentication plugin has a security