Posts tagged on Disclosure

Ultimate Member User Profile & Membership Plugin STORED XSS

– Product: Ultimate Member – User Profile & Membership Plugin Version: 2.0.27 or earlier URL: https://wordpress.org/plugins/ultimate-member/ Potential users affected: 100.000+ CVE : CVE-2018-17866 Ultimate member Ultimate Member is one of the many user profile & membership plugins for WordPress. The plugin makes it a breeze for users to sign-up and become members of your website. The plugin … See Full Article

CVE
Disclosure
English
Ultimate Member User Profile & Membership Plugin STORED XSS Illustration

FontStruct - Break the Font InfraSTRUCTure!

– The website FontStruct allows even novice users to create their own personal font from scratch. A very simplified procedure: you sign up and you are ready to compose your font. Everything is offered through a simple interface as a free service. Not bad for a free service! Unfortunately, the developer who set up this service has not thought very well about security, repeatedly implementing … See Full Article

Disclosure
English
Security
XSS
FontStruct - Break the Font InfraSTRUCTure! Illustration

Hackers Can Take Full Control of Online Compilers through a Common Exploit

– Online compilers are a handy tool to save time and resources for coders, and are freely available for a variety of programming languages. They are useful for learning a new language and developing simple programs, such as the ubiquitous “Hello World” exercise. I often use online compilers when I am out, so that I don’t have to worry about locating and downloading all of the resources myself. Since … See Full Article

Disclosure
English
RCE
Security
Hackers Can Take Full Control of Online Compilers through a Common Exploit Illustration

All tags