Finished some important pages
parent
a238a5c435
commit
9158fb9dbf
|
@ -65,7 +65,7 @@ params:
|
||||||
imageTitle: Muhammad Daffa
|
imageTitle: Muhammad Daffa
|
||||||
buttons:
|
buttons:
|
||||||
- name: Read More
|
- name: Read More
|
||||||
url: profile
|
url: about
|
||||||
|
|
||||||
# home-info mode
|
# home-info mode
|
||||||
# homeInfoParams:
|
# homeInfoParams:
|
||||||
|
@ -116,7 +116,7 @@ menu:
|
||||||
main:
|
main:
|
||||||
- identifier: profile
|
- identifier: profile
|
||||||
name: About
|
name: About
|
||||||
url: /profile/
|
url: /about/
|
||||||
weight: 10
|
weight: 10
|
||||||
- identifier: portfolio
|
- identifier: portfolio
|
||||||
name: Portfolio
|
name: Portfolio
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
title: "About"
|
||||||
|
date: "2019-03-09"
|
||||||
|
# description: "About Muhammad Daffa"
|
||||||
|
tags: ["profile"]
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowBreadCrumbs: false
|
||||||
|
ShowRssButtonInSectionTermList: false
|
||||||
|
---
|
||||||
|
|
||||||
|
## Muhammad Daffa
|
||||||
|
Hi! I'm Muhammad Daffa, you can call me Daffa. I started learning about cyber security between 2019 / 2020. I was interested in cybersecurity when my facebook friends posted about how they get money doing an activity called "bug bounty". From that post, I tried to learn more about cybersecurity, especially penetration testing on website
|
||||||
|
|
||||||
|
Don't ever think I'm a professional penetration tester :D. There are still a lot of things about cyber security that I haven't learned, such as doing penetration testing on Android, iOS, or even on the network. Right now I'm learning about malware analysis too, thanks to TCM Security <3
|
||||||
|
|
||||||
|
## Contact
|
||||||
|
Contact me if you have something to discuss or if you have a great resource about cybersecurity, i'll be very happy to read about the resource :D
|
||||||
|
> Find my contact at the homepage
|
|
@ -0,0 +1,37 @@
|
||||||
|
---
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
title: "Portfolio"
|
||||||
|
date: "2019-03-09"
|
||||||
|
# description: "About Muhammad Daffa"
|
||||||
|
tags: ["profile"]
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowBreadCrumbs: false
|
||||||
|
ShowRssButtonInSectionTermList: false
|
||||||
|
---
|
||||||
|
|
||||||
|
Here are some of my achievements when doing bug hunting
|
||||||
|
|
||||||
|
## Bug Bounties and Hall of Fame
|
||||||
|
|
||||||
|
- [Sekolah Siber](https://sekolahsiber.com/hall-of-fame/)
|
||||||
|
- [Wageningen University & Research](https://www.wur.nl/en/about-wur/privacy-and-information-security/hall-of-fame-responsible-disclosure.htm)
|
||||||
|
- [PostNL Holding B.V](https://www.postnl.nl/en/responsible-disclosure)
|
||||||
|
- [Inflectra](https://www.inflectra.com/company/responsible-disclosure.aspx)
|
||||||
|
- [Legally Breaking](https://legallybreaking.com/index.php?p=/hall-fame) (Website Inactive)
|
||||||
|
- [PlanetArt](https://hackerone.com/planetart/thanks)
|
||||||
|
- [Yelp](https://hackerone.com/yelp/thanks)
|
||||||
|
- 2 Private Program at Hackerone
|
||||||
|
|
||||||
|
## Certificate Appreciation
|
||||||
|
|
||||||
|
- Axioo Class Program
|
||||||
|
- GeeksforGeeks
|
||||||
|
- Cambridge University
|
||||||
|
- Windesheim University
|
||||||
|
- Finansialku
|
||||||
|
- PixelNinja ID
|
||||||
|
- Bitrexgo (Website Inactive)
|
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
title: "Blog"
|
||||||
|
date: "2019-03-09"
|
||||||
|
# description: "About Muhammad Daffa"
|
||||||
|
tags: ["profile"]
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowBreadCrumbs: false
|
||||||
|
ShowRssButtonInSectionTermList: false
|
||||||
|
---
|
||||||
|
|
||||||
|
Coming Soon! Still in progress migrating from Medium to this website :)
|
|
@ -17,7 +17,7 @@ disableHLJS: true # to disable highlightjs
|
||||||
disableShare: false
|
disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: false
|
searchHidden: true
|
||||||
ShowReadingTime: false
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
|
|
|
@ -9,19 +9,18 @@ author: "Muhammad Daffa"
|
||||||
showToc: true
|
showToc: true
|
||||||
TocOpen: true
|
TocOpen: true
|
||||||
draft: false
|
draft: false
|
||||||
hidemeta: false
|
hidemeta: true
|
||||||
comments: false
|
comments: false
|
||||||
description: "WP Content Copy Protection & No Right Click < 3.4.5 - Settings Update via CSRF"
|
description: "WP Content Copy Protection & No Right Click < 3.4.5 - Settings Update via CSRF"
|
||||||
canonicalURL: "https://canonical.url/to/page"
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
disableHLJS: true # to disable highlightjs
|
disableHLJS: false # to disable highlightjs
|
||||||
disableShare: false
|
disableShare: false
|
||||||
disableHLJS: false
|
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
title: "CVE-2021-24519"
|
title: "CVE-2022-34347"
|
||||||
date: 2022-08-22T11:30:03+00:00
|
date: 2022-08-22T11:30:03+00:00
|
||||||
# weight: 1
|
# weight: 1
|
||||||
# aliases: ["/first"]
|
# aliases: ["/first"]
|
||||||
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-36340"
|
||||||
|
date: 2022-09-23T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress MailOptin plugin <= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin](https://wordpress.org/plugins/mailoptin/)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
30,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 1.2.49.0
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
1.2.50.0
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36340)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/mailoptin/wordpress-mailoptin-plugin-1-2-49-0-unauthenticated-optin-campaign-cache-deletion-vulnerability)
|
|
@ -18,10 +18,10 @@ disableShare: false
|
||||||
disableHLJS: false
|
disableHLJS: false
|
||||||
hideSummary: false
|
hideSummary: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowReadingTime: true
|
ShowReadingTime: false
|
||||||
ShowBreadCrumbs: true
|
ShowBreadCrumbs: true
|
||||||
ShowPostNavLinks: true
|
ShowPostNavLinks: true
|
||||||
ShowWordCount: true
|
ShowWordCount: false
|
||||||
ShowRssButtonInSectionTermList: true
|
ShowRssButtonInSectionTermList: true
|
||||||
UseHugoToc: true
|
UseHugoToc: true
|
||||||
cover:
|
cover:
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-38095"
|
||||||
|
date: 2022-09-23T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress.
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[Advanced Dynamic Pricing for WooCommerce](https://wordpress.org/plugins/advanced-dynamic-pricing-for-woocommerce/)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
20,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 4.1.3
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
4.1.4
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38095)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/advanced-dynamic-pricing-for-woocommerce/wordpress-advanced-dynamic-pricing-for-woocommerce-plugin-4-1-3-cross-site-request-forgery-csrf-vulnerability)
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-38134"
|
||||||
|
date: 2022-09-23T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[Customer Reviews for WooCommerce](https://wordpress.org/plugins/customer-reviews-woocommerce/)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
50,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 5.3.5
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
5.3.6
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38134)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-authenticated-broken-access-control-vulnerability)
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-38470"
|
||||||
|
date: 2022-09-22T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Cross-Site Request Forgery"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[Customer Reviews for WooCommerce](https://wordpress.org/plugins/customer-reviews-woocommerce/)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
50,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 5.3.5
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
5.3.6
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38470)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-cross-site-request-forgery-csrf-vulnerability)
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-38704"
|
||||||
|
date: 2022-02-23T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress SEO Redirection plugin <= 8.9 - Cross-Site Request Forgery"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[SEO Redirection Plugin – 301 Redirect Manager](https://wordpress.org/plugins/seo-redirection)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
30,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 8.9
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
9.1
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38704)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/seo-redirection/wordpress-seo-redirection-plugin-8-9-cross-site-request-forgery-csrf-vulnerability)
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-40132"
|
||||||
|
date: 2022-09-23T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress Seriously Simple Podcasting plugin <= 2.16.0 - Cross-Site Request Forgery"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change.
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[Seriously Simple Podcasting](https://wordpress.org/plugins/seriously-simple-podcasting)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
30,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 2.16.0
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
2.16.1
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40132)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/seriously-simple-podcasting/wordpress-seriously-simple-podcasting-plugin-2-16-0-cross-site-request-forgery-csrf-vulnerability)
|
|
@ -0,0 +1,54 @@
|
||||||
|
---
|
||||||
|
title: "CVE-2022-40194"
|
||||||
|
date: 2022-09-23T11:30:03+00:00
|
||||||
|
# weight: 1
|
||||||
|
# aliases: ["/first"]
|
||||||
|
tags: ["cve"]
|
||||||
|
author: "Muhammad Daffa"
|
||||||
|
# author: ["Me", "You"] # multiple authors
|
||||||
|
showToc: true
|
||||||
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
|
description: "WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure"
|
||||||
|
canonicalURL: "https://canonical.url/to/page"
|
||||||
|
disableHLJS: false # to disable highlightjs
|
||||||
|
disableShare: false
|
||||||
|
hideSummary: false
|
||||||
|
searchHidden: true
|
||||||
|
ShowReadingTime: false
|
||||||
|
ShowBreadCrumbs: true
|
||||||
|
ShowPostNavLinks: true
|
||||||
|
ShowWordCount: false
|
||||||
|
ShowRssButtonInSectionTermList: true
|
||||||
|
UseHugoToc: true
|
||||||
|
cover:
|
||||||
|
image: "<image path/url>" # image path/url
|
||||||
|
alt: "<alt text>" # alt text
|
||||||
|
caption: "<text>" # display caption under cover
|
||||||
|
relative: false # when using page bundles set this to true
|
||||||
|
hidden: true # only hide on current single page
|
||||||
|
# editPost:
|
||||||
|
# URL: "https://github.com/<path_to_repo>/content"
|
||||||
|
# Text: "Suggest Changes" # edit text
|
||||||
|
# appendFilePath: true # to append file path to Edit link
|
||||||
|
---
|
||||||
|
## Description
|
||||||
|
Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress
|
||||||
|
|
||||||
|
## Plugin Name
|
||||||
|
[Customer Reviews for WooCommerce](https://wordpress.org/plugins/customer-reviews-woocommerce/)
|
||||||
|
|
||||||
|
## Installation Number
|
||||||
|
50,000+
|
||||||
|
|
||||||
|
## Affected Version
|
||||||
|
<= 5.3.5
|
||||||
|
|
||||||
|
## Fixed Version
|
||||||
|
5.3.6
|
||||||
|
|
||||||
|
## Advisory link
|
||||||
|
* [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38134)
|
||||||
|
* [Patchstack](https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-sensitive-information-disclosure-vulnerability/)
|
|
@ -1,14 +1,62 @@
|
||||||
---
|
---
|
||||||
author: "Muhammad Daffa"
|
author: "Muhammad Daffa"
|
||||||
title: "Placeholder Text"
|
title: "Portfolio"
|
||||||
date: "2019-03-09"
|
date: "2019-03-09"
|
||||||
description: "Lorem Ipsum Dolor Si Amet"
|
# description: "About Muhammad Daffa"
|
||||||
tags: ["markdown", "text"]
|
tags: ["profile"]
|
||||||
hideMeta: true
|
TocOpen: true
|
||||||
|
draft: false
|
||||||
|
hidemeta: true
|
||||||
|
comments: false
|
||||||
searchHidden: true
|
searchHidden: true
|
||||||
ShowBreadCrumbs: false
|
ShowBreadCrumbs: false
|
||||||
|
ShowRssButtonInSectionTermList: false
|
||||||
---
|
---
|
||||||
|
|
||||||
Test
|
Here are some of my portfolios on cybersecurity
|
||||||
Test
|
|
||||||
Test
|
## Bug Bounties
|
||||||
|
|
||||||
|
The list below are some of the companies that recognize me as a bug hunter. Here are 5 achievements that I just got
|
||||||
|
- Hall of Fame at Sekolah Siber
|
||||||
|
- Hall of Fame at wur.nl
|
||||||
|
- Thanks list at HackerOne PlanetArt
|
||||||
|
- Thanks list at Private Program HackerOne
|
||||||
|
- Certificate Appreciation from GeeksforGeeks
|
||||||
|
|
||||||
|
**[Click here](https://daffa.info/achievements/)** to see the full list
|
||||||
|
## CVEs
|
||||||
|
|
||||||
|
Here is a list of CVEs that I got, most of them came from vulnerabilities in wordpress. I have a target which is to have **100++ CVEs**.
|
||||||
|
- [CVE-2022-40194](https://daffa.info/cve/cve-2022-40194/) (WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure)
|
||||||
|
- [CVE-2022-40132](https://daffa.info/cve/cve-2022-40132/) (WordPress Seriously Simple Podcasting plugin <= 2.16.0 - CSRF)
|
||||||
|
- [CVE-2022-38704](https://daffa.info/cve/cve-2022-38704/) (WordPress SEO Redirection plugin <= 8.9 - CSRF)
|
||||||
|
- [CVE-2022-38470](https://daffa.info/cve/cve-2022-38470/) (WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - CSRF)
|
||||||
|
- [CVE-2022-38095](https://daffa.info/cve/cve-2022-38095/) (WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - CSRF)
|
||||||
|
|
||||||
|
Total CVEs: **19**
|
||||||
|
|
||||||
|
**[Click here](https://daffa.info/cve/)** to see the full list
|
||||||
|
|
||||||
|
## GitHub Projects
|
||||||
|
|
||||||
|
These are my github projects which have lots of stars and forks
|
||||||
|
|
||||||
|
- [AllAboutBugBounty](https://github.com/daffainfo/AllAboutBugBounty)
|
||||||
|
- [all-about-apikey](https://github.com/daffainfo/all-about-apikey)
|
||||||
|
- [Key-Checker](https://github.com/daffainfo/Key-Checker)
|
||||||
|
- [match-replace-burp](https://github.com/daffainfo/match-replace-burp)
|
||||||
|
- [Git-Secret](https://github.com/daffainfo/Git-Secret)
|
||||||
|
- [Bug-Bounty-Tools](https://github.com/daffainfo/Bug-Bounty-Tools)
|
||||||
|
|
||||||
|
**[Click here](https://github.com/daffainfo?tab=repositories)** to check some of my repositories
|
||||||
|
## Certifications
|
||||||
|
|
||||||
|
- eLearnSecurity Junior Penetration Tester (eJPT)
|
||||||
|
- Certified Secure Computer User (C/SCU)
|
||||||
|
- Fortinet Network Security Expert Level 1: Certified Associate (NSE 1)
|
||||||
|
- Fortinet Network Security Expert Level 2: Certified Associate (NSE 2)
|
||||||
|
|
||||||
|
## Misc
|
||||||
|
|
||||||
|
- Top contributor at [nuclei-templates](https://github.com/projectdiscovery/nuclei-templates)
|
||||||
|
|
|
@ -1,87 +1,4 @@
|
||||||
<!doctype html><html lang=en dir=auto>
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>404 Page not found | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/404.html><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="404 Page not found"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/404.html"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="404 Page not found"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><div class=not-found>404</div></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
<head><meta charset=utf-8>
|
<span>Powered by
|
||||||
<meta http-equiv=x-ua-compatible content="IE=edge">
|
|
||||||
<meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no">
|
|
||||||
<meta name=robots content="index, follow">
|
|
||||||
<title>404 Page not found | Muhammad Daffa</title>
|
|
||||||
<meta name=keywords content>
|
|
||||||
<meta name=description content="Portfolio by Muhammad Daffa">
|
|
||||||
<meta name=author content="Muhammad Daffa">
|
|
||||||
<link rel=canonical href=https://daffa.info/404.html>
|
|
||||||
<link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style>
|
|
||||||
<link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<meta name=theme-color content="#2e2e33">
|
|
||||||
<meta name=msapplication-TileColor content="#2e2e33">
|
|
||||||
<noscript>
|
|
||||||
<style>#theme-toggle,.top-link{display:none}</style>
|
|
||||||
<style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style>
|
|
||||||
</noscript><meta property="og:title" content="404 Page not found">
|
|
||||||
<meta property="og:description" content="Portfolio by Muhammad Daffa">
|
|
||||||
<meta property="og:type" content="website">
|
|
||||||
<meta property="og:url" content="https://daffa.info/404.html"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa">
|
|
||||||
<meta name=twitter:card content="summary_large_image">
|
|
||||||
<meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E">
|
|
||||||
<meta name=twitter:title content="404 Page not found">
|
|
||||||
<meta name=twitter:description content="Portfolio by Muhammad Daffa">
|
|
||||||
</head>
|
|
||||||
<body class=list id=top>
|
|
||||||
<script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add('dark'):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove('dark'):window.matchMedia('(prefers-color-scheme: dark)').matches&&document.body.classList.add('dark')</script>
|
|
||||||
<header class=header>
|
|
||||||
<nav class=nav>
|
|
||||||
<div class=logo>
|
|
||||||
<a href=https://daffa.info/ accesskey=h title="Home (Alt + H)">
|
|
||||||
<img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a>
|
|
||||||
<div class=logo-switches>
|
|
||||||
<button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg>
|
|
||||||
</button>
|
|
||||||
<ul class="menu hidden">
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
|
||||||
<span>About</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/blog/ title=Blog>
|
|
||||||
<span>Blog</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/portfolio/ title=Portfolio>
|
|
||||||
<span>Portfolio</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/>
|
|
||||||
<span>Search</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</nav>
|
|
||||||
</header>
|
|
||||||
<main class=main>
|
|
||||||
<div class=not-found>404</div>
|
|
||||||
</main>
|
|
||||||
<footer class=footer>
|
|
||||||
<span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
|
||||||
<span>
|
|
||||||
Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a>
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
||||||
</span>
|
|
||||||
</footer>
|
|
||||||
<a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg>
|
|
||||||
</a>
|
|
||||||
<script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(a){b.contains(a.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script>
|
|
||||||
<script>let menu=document.getElementById('menu');menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(a=>{a.addEventListener("click",function(b){b.preventDefault();var a=this.getAttribute("href").substr(1);window.matchMedia('(prefers-reduced-motion: reduce)').matches?document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView({behavior:"smooth"}),a==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${a}`)})})</script>
|
|
||||||
<script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script>
|
|
||||||
<script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove('dark'),localStorage.setItem("pref-theme",'light')):(document.body.classList.add('dark'),localStorage.setItem("pref-theme",'dark'))})</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,14 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
||||||
|
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
||||||
|
<channel>
|
||||||
|
<title>About on Muhammad Daffa</title>
|
||||||
|
<link>https://daffa.info/about/</link>
|
||||||
|
<description>Recent content in About on Muhammad Daffa</description>
|
||||||
|
<image>
|
||||||
|
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
||||||
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
|
</image>
|
||||||
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
|
<lastBuildDate>Sat, 09 Mar 2019 00:00:00 +0000</lastBuildDate><atom:link href="https://daffa.info/about/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
</channel>
|
||||||
|
</rss>
|
|
@ -0,0 +1 @@
|
||||||
|
<!doctype html><html lang=en><head><title>https://daffa.info/about/</title><link rel=canonical href=https://daffa.info/about/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/about/"></head></html>
|
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,14 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
||||||
|
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
||||||
|
<channel>
|
||||||
|
<title>Portfolio on Muhammad Daffa</title>
|
||||||
|
<link>https://daffa.info/achievements/</link>
|
||||||
|
<description>Recent content in Portfolio on Muhammad Daffa</description>
|
||||||
|
<image>
|
||||||
|
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
||||||
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
|
</image>
|
||||||
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
|
<lastBuildDate>Sat, 09 Mar 2019 00:00:00 +0000</lastBuildDate><atom:link href="https://daffa.info/achievements/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
</channel>
|
||||||
|
</rss>
|
|
@ -0,0 +1 @@
|
||||||
|
<!doctype html><html lang=en><head><title>https://daffa.info/achievements/</title><link rel=canonical href=https://daffa.info/achievements/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/achievements/"></head></html>
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,14 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
||||||
|
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
||||||
|
<channel>
|
||||||
|
<title>Blog on Muhammad Daffa</title>
|
||||||
|
<link>https://daffa.info/blog/</link>
|
||||||
|
<description>Recent content in Blog on Muhammad Daffa</description>
|
||||||
|
<image>
|
||||||
|
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
||||||
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
|
</image>
|
||||||
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
|
<lastBuildDate>Sat, 09 Mar 2019 00:00:00 +0000</lastBuildDate><atom:link href="https://daffa.info/blog/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
</channel>
|
||||||
|
</rss>
|
|
@ -0,0 +1 @@
|
||||||
|
<!doctype html><html lang=en><head><title>https://daffa.info/blog/</title><link rel=canonical href=https://daffa.info/blog/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/blog/"></head></html>
|
|
@ -1,92 +1,4 @@
|
||||||
<!doctype html><html lang=en dir=auto>
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Categories | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/categories/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/categories/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="Categories"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/categories/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="Categories"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><h1>Categories</h1></header><ul class=terms-tags></ul></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
<head><meta charset=utf-8>
|
<span>Powered by
|
||||||
<meta http-equiv=x-ua-compatible content="IE=edge">
|
|
||||||
<meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no">
|
|
||||||
<meta name=robots content="index, follow">
|
|
||||||
<title>Categories | Muhammad Daffa</title>
|
|
||||||
<meta name=keywords content>
|
|
||||||
<meta name=description content="Portfolio by Muhammad Daffa">
|
|
||||||
<meta name=author content="Muhammad Daffa">
|
|
||||||
<link rel=canonical href=https://daffa.info/categories/>
|
|
||||||
<link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style>
|
|
||||||
<link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<meta name=theme-color content="#2e2e33">
|
|
||||||
<meta name=msapplication-TileColor content="#2e2e33">
|
|
||||||
<link rel=alternate type=application/rss+xml href=https://daffa.info/categories/index.xml>
|
|
||||||
<noscript>
|
|
||||||
<style>#theme-toggle,.top-link{display:none}</style>
|
|
||||||
<style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style>
|
|
||||||
</noscript><meta property="og:title" content="Categories">
|
|
||||||
<meta property="og:description" content="Portfolio by Muhammad Daffa">
|
|
||||||
<meta property="og:type" content="website">
|
|
||||||
<meta property="og:url" content="https://daffa.info/categories/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa">
|
|
||||||
<meta name=twitter:card content="summary_large_image">
|
|
||||||
<meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E">
|
|
||||||
<meta name=twitter:title content="Categories">
|
|
||||||
<meta name=twitter:description content="Portfolio by Muhammad Daffa">
|
|
||||||
</head>
|
|
||||||
<body class=list id=top>
|
|
||||||
<script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add('dark'):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove('dark'):window.matchMedia('(prefers-color-scheme: dark)').matches&&document.body.classList.add('dark')</script>
|
|
||||||
<header class=header>
|
|
||||||
<nav class=nav>
|
|
||||||
<div class=logo>
|
|
||||||
<a href=https://daffa.info/ accesskey=h title="Home (Alt + H)">
|
|
||||||
<img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a>
|
|
||||||
<div class=logo-switches>
|
|
||||||
<button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg>
|
|
||||||
</button>
|
|
||||||
<ul class="menu hidden">
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
|
||||||
<span>About</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/blog/ title=Blog>
|
|
||||||
<span>Blog</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/portfolio/ title=Portfolio>
|
|
||||||
<span>Portfolio</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/>
|
|
||||||
<span>Search</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</nav>
|
|
||||||
</header>
|
|
||||||
<main class=main>
|
|
||||||
<header class=page-header>
|
|
||||||
<h1>Categories</h1>
|
|
||||||
</header>
|
|
||||||
<ul class=terms-tags>
|
|
||||||
</ul>
|
|
||||||
</main>
|
|
||||||
<footer class=footer>
|
|
||||||
<span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
|
||||||
<span>
|
|
||||||
Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a>
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
||||||
</span>
|
|
||||||
</footer>
|
|
||||||
<a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg>
|
|
||||||
</a>
|
|
||||||
<script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(a){b.contains(a.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script>
|
|
||||||
<script>let menu=document.getElementById('menu');menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(a=>{a.addEventListener("click",function(b){b.preventDefault();var a=this.getAttribute("href").substr(1);window.matchMedia('(prefers-reduced-motion: reduce)').matches?document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView({behavior:"smooth"}),a==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${a}`)})})</script>
|
|
||||||
<script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script>
|
|
||||||
<script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove('dark'),localStorage.setItem("pref-theme",'light')):(document.body.classList.add('dark'),localStorage.setItem("pref-theme",'dark'))})</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -9,7 +9,61 @@
|
||||||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
</image>
|
</image>
|
||||||
<generator>Hugo -- gohugo.io</generator>
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
<lastBuildDate>Tue, 23 Aug 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/cve/index.xml" rel="self" type="application/rss+xml" />
|
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/cve/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-36340</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-36340/</guid>
|
||||||
|
<description>WordPress MailOptin plugin &lt;= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38095</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38095/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38095/</guid>
|
||||||
|
<description>WordPress Advanced Dynamic Pricing for WooCommerce plugin &lt;= 4.1.3 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38134</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38134/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38134/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Authenticated Broken Access Control</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-40132</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-40132/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-40132/</guid>
|
||||||
|
<description>WordPress Seriously Simple Podcasting plugin &lt;= 2.16.0 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-40194</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-40194/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-40194/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Sensitive Information Disclosure</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38470</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38470/</link>
|
||||||
|
<pubDate>Thu, 22 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38470/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2022-36282</title>
|
<title>CVE-2022-36282</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
||||||
|
@ -20,7 +74,7 @@
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2021-24519</title>
|
<title>CVE-2022-34347</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
||||||
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
@ -73,6 +127,15 @@
|
||||||
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38704</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38704/</link>
|
||||||
|
<pubDate>Wed, 23 Feb 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38704/</guid>
|
||||||
|
<description>WordPress SEO Redirection plugin &lt;= 8.9 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2022-23983</title>
|
<title>CVE-2022-23983</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -1 +1 @@
|
||||||
[{"content":"Description The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the \u0026lsquo;Text Next to Icon\u0026rsquo; field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue\nPlugin Name VikRentCar\nInstallation Number 1,000+\nAffected Version \u0026lt;= 1.1.9\nFixed Version 1.1.10\nAdvisory Link MITRE WPScan ","permalink":"https://daffa.info/cve/cve-2021-24519/","summary":"Description The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the \u0026lsquo;Text Next to Icon\u0026rsquo; field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue\nPlugin Name VikRentCar\nInstallation Number 1,000+\nAffected Version \u0026lt;= 1.1.9\nFixed Version 1.1.10\nAdvisory Link MITRE WPScan ","title":"CVE-2021-24519"}]
|
[]
|
|
@ -9,7 +9,61 @@
|
||||||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
</image>
|
</image>
|
||||||
<generator>Hugo -- gohugo.io</generator>
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
<lastBuildDate>Tue, 23 Aug 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/index.xml" rel="self" type="application/rss+xml" />
|
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-36340</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-36340/</guid>
|
||||||
|
<description>WordPress MailOptin plugin &lt;= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38095</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38095/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38095/</guid>
|
||||||
|
<description>WordPress Advanced Dynamic Pricing for WooCommerce plugin &lt;= 4.1.3 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38134</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38134/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38134/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Authenticated Broken Access Control</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-40132</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-40132/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-40132/</guid>
|
||||||
|
<description>WordPress Seriously Simple Podcasting plugin &lt;= 2.16.0 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-40194</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-40194/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-40194/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Sensitive Information Disclosure</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38470</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38470/</link>
|
||||||
|
<pubDate>Thu, 22 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38470/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2022-36282</title>
|
<title>CVE-2022-36282</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
||||||
|
@ -20,7 +74,7 @@
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2021-24519</title>
|
<title>CVE-2022-34347</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
||||||
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
@ -73,6 +127,15 @@
|
||||||
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38704</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38704/</link>
|
||||||
|
<pubDate>Wed, 23 Feb 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38704/</guid>
|
||||||
|
<description>WordPress SEO Redirection plugin &lt;= 8.9 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2022-23983</title>
|
<title>CVE-2022-23983</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -1,9 +1,9 @@
|
||||||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
||||||
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
||||||
<channel>
|
<channel>
|
||||||
<title>Placeholder Text on Muhammad Daffa</title>
|
<title>Portfolio on Muhammad Daffa</title>
|
||||||
<link>https://daffa.info/portfolio/</link>
|
<link>https://daffa.info/portfolio/</link>
|
||||||
<description>Recent content in Placeholder Text on Muhammad Daffa</description>
|
<description>Recent content in Portfolio on Muhammad Daffa</description>
|
||||||
<image>
|
<image>
|
||||||
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
||||||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
<!doctype html><html><head><title>https://daffa.info/portfolio/</title><link rel=canonical href=https://daffa.info/portfolio/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/portfolio/"></head></html>
|
<!doctype html><html lang=en><head><title>https://daffa.info/portfolio/</title><link rel=canonical href=https://daffa.info/portfolio/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/portfolio/"></head></html>
|
File diff suppressed because one or more lines are too long
|
@ -3,18 +3,36 @@
|
||||||
xmlns:xhtml="http://www.w3.org/1999/xhtml">
|
xmlns:xhtml="http://www.w3.org/1999/xhtml">
|
||||||
<url>
|
<url>
|
||||||
<loc>https://daffa.info/tags/cve/</loc>
|
<loc>https://daffa.info/tags/cve/</loc>
|
||||||
<lastmod>2022-08-23T11:30:03+00:00</lastmod>
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/cve/cve-2022-36282/</loc>
|
<loc>https://daffa.info/cve/cve-2022-36340/</loc>
|
||||||
<lastmod>2022-08-23T11:30:03+00:00</lastmod>
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-38095/</loc>
|
||||||
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-38134/</loc>
|
||||||
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-40132/</loc>
|
||||||
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-40194/</loc>
|
||||||
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/cve/</loc>
|
<loc>https://daffa.info/cve/</loc>
|
||||||
<lastmod>2022-08-23T11:30:03+00:00</lastmod>
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/</loc>
|
<loc>https://daffa.info/</loc>
|
||||||
<lastmod>2022-08-23T11:30:03+00:00</lastmod>
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/tags/</loc>
|
<loc>https://daffa.info/tags/</loc>
|
||||||
|
<lastmod>2022-09-23T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-38470/</loc>
|
||||||
|
<lastmod>2022-09-22T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-36282/</loc>
|
||||||
<lastmod>2022-08-23T11:30:03+00:00</lastmod>
|
<lastmod>2022-08-23T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/cve/cve-2022-34347/</loc>
|
<loc>https://daffa.info/cve/cve-2022-34347/</loc>
|
||||||
|
@ -34,6 +52,9 @@
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/cve/cve-2022-25618/</loc>
|
<loc>https://daffa.info/cve/cve-2022-25618/</loc>
|
||||||
<lastmod>2022-04-04T11:30:03+00:00</lastmod>
|
<lastmod>2022-04-04T11:30:03+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/cve/cve-2022-38704/</loc>
|
||||||
|
<lastmod>2022-02-23T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/cve/cve-2022-23983/</loc>
|
<loc>https://daffa.info/cve/cve-2022-23983/</loc>
|
||||||
<lastmod>2022-02-21T11:30:03+00:00</lastmod>
|
<lastmod>2022-02-21T11:30:03+00:00</lastmod>
|
||||||
|
@ -50,13 +71,19 @@
|
||||||
<loc>https://daffa.info/cve/cve-2021-24519/</loc>
|
<loc>https://daffa.info/cve/cve-2021-24519/</loc>
|
||||||
<lastmod>2021-07-19T11:30:03+00:00</lastmod>
|
<lastmod>2021-07-19T11:30:03+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/tags/markdown/</loc>
|
<loc>https://daffa.info/about/</loc>
|
||||||
|
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/blog/</loc>
|
||||||
|
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
||||||
|
</url><url>
|
||||||
|
<loc>https://daffa.info/achievements/</loc>
|
||||||
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/portfolio/</loc>
|
<loc>https://daffa.info/portfolio/</loc>
|
||||||
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/tags/text/</loc>
|
<loc>https://daffa.info/tags/profile/</loc>
|
||||||
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
<lastmod>2019-03-09T00:00:00+00:00</lastmod>
|
||||||
</url><url>
|
</url><url>
|
||||||
<loc>https://daffa.info/categories/</loc>
|
<loc>https://daffa.info/categories/</loc>
|
||||||
|
|
|
@ -1,180 +1,30 @@
|
||||||
<!doctype html><html lang=en dir=auto>
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||||
<head><meta charset=utf-8>
|
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36340</h2></header><div class=entry-content><p>Description Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress.
|
||||||
<meta http-equiv=x-ua-compatible content="IE=edge">
|
Plugin Name Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin
|
||||||
<meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no">
|
Installation Number 30,000+
|
||||||
<meta name=robots content="index, follow">
|
Affected Version <= 1.2.49.0
|
||||||
<title>cve | Muhammad Daffa</title>
|
Fixed Version 1.2.50.0
|
||||||
<meta name=keywords content>
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-36340" href=https://daffa.info/cve/cve-2022-36340/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38095</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress.
|
||||||
<meta name=description content="Portfolio by Muhammad Daffa">
|
Plugin Name Advanced Dynamic Pricing for WooCommerce
|
||||||
<meta name=author content="Muhammad Daffa">
|
Installation Number 20,000+
|
||||||
<link rel=canonical href=https://daffa.info/tags/cve/>
|
Affected Version <= 4.1.3
|
||||||
<link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style>
|
Fixed Version 4.1.4
|
||||||
<link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38095" href=https://daffa.info/cve/cve-2022-38095/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38134</h2></header><div class=entry-content><p>Description Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
|
||||||
<link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Plugin Name Customer Reviews for WooCommerce
|
||||||
<link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Installation Number 50,000+
|
||||||
<link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Affected Version <= 5.3.5
|
||||||
<link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Fixed Version 5.3.6
|
||||||
<meta name=theme-color content="#2e2e33">
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38134" href=https://daffa.info/cve/cve-2022-38134/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-40132</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change.
|
||||||
<meta name=msapplication-TileColor content="#2e2e33">
|
Plugin Name Seriously Simple Podcasting
|
||||||
<link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml>
|
Installation Number 30,000+
|
||||||
<noscript>
|
Affected Version <= 2.16.0
|
||||||
<style>#theme-toggle,.top-link{display:none}</style>
|
Fixed Version 2.16.1
|
||||||
<style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style>
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-40132" href=https://daffa.info/cve/cve-2022-40132/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-40194</h2></header><div class=entry-content><p>Description Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress
|
||||||
</noscript><meta property="og:title" content="cve">
|
Plugin Name Customer Reviews for WooCommerce
|
||||||
<meta property="og:description" content="Portfolio by Muhammad Daffa">
|
Installation Number 50,000+
|
||||||
<meta property="og:type" content="website">
|
Affected Version <= 5.3.5
|
||||||
<meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa">
|
Fixed Version 5.3.6
|
||||||
<meta name=twitter:card content="summary_large_image">
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-40194" href=https://daffa.info/cve/cve-2022-40194/></a></article><footer class=page-footer><nav class=pagination><a class=next href=https://daffa.info/tags/cve/page/2/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
<meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E">
|
<span>Powered by
|
||||||
<meta name=twitter:title content="cve">
|
|
||||||
<meta name=twitter:description content="Portfolio by Muhammad Daffa">
|
|
||||||
</head>
|
|
||||||
<body class=list id=top>
|
|
||||||
<script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add('dark'):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove('dark'):window.matchMedia('(prefers-color-scheme: dark)').matches&&document.body.classList.add('dark')</script>
|
|
||||||
<header class=header>
|
|
||||||
<nav class=nav>
|
|
||||||
<div class=logo>
|
|
||||||
<a href=https://daffa.info/ accesskey=h title="Home (Alt + H)">
|
|
||||||
<img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a>
|
|
||||||
<div class=logo-switches>
|
|
||||||
<button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg>
|
|
||||||
</button>
|
|
||||||
<ul class="menu hidden">
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
|
||||||
<span>About</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/blog/ title=Blog>
|
|
||||||
<span>Blog</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/portfolio/ title=Portfolio>
|
|
||||||
<span>Portfolio</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/>
|
|
||||||
<span>Search</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</nav>
|
|
||||||
</header>
|
|
||||||
<main class=main>
|
|
||||||
<header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div>
|
|
||||||
<h1>
|
|
||||||
cve
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg>
|
|
||||||
</a>
|
|
||||||
</h1>
|
|
||||||
</header>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-36282
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy’s Search Exclude plugin <= 1.2.6 at WordPress.
|
|
||||||
Plugin Name Search Exclude
|
|
||||||
Installation Number 60,000+
|
|
||||||
Affected Version <= 1.2.6
|
|
||||||
Fixed Version 1.2.7
|
|
||||||
Advisory Link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-08-23 11:30:03 +0000 UTC">August 23, 2022</span> · 1 min · 37 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-36282" href=https://daffa.info/cve/cve-2022-36282/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2021-24519
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.
|
|
||||||
Plugin Name Download Manager
|
|
||||||
Installation Number 100,000+
|
|
||||||
Affected Version <= 3.2.48
|
|
||||||
Fixed Version 3.2.49
|
|
||||||
Advisory Link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-08-22 11:30:03 +0000 UTC">August 22, 2022</span> · 1 min · 35 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2021-24519" href=https://daffa.info/cve/cve-2022-34347/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-36346
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress.
|
|
||||||
Plugin Name MaxButtons
|
|
||||||
Installation Number 100,000+
|
|
||||||
Affected Version <= 9.2
|
|
||||||
Fixed Version 9.3
|
|
||||||
Advisory Link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-08-22 11:30:03 +0000 UTC">August 22, 2022</span> · 1 min · 34 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-36346" href=https://daffa.info/cve/cve-2022-36346/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-33201
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key.
|
|
||||||
Plugin Name MailerLite – Signup forms (official)
|
|
||||||
Installation Number 60,000+
|
|
||||||
Affected Version <= 1.5.6
|
|
||||||
Fixed Version 1.5.7
|
|
||||||
Advisory link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-05-08 11:30:03 +0000 UTC">May 8, 2022</span> · 1 min · 47 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-33201" href=https://daffa.info/cve/cve-2022-33201/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-27848
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1
|
|
||||||
Plugin Name Modern Events Calendar Lite
|
|
||||||
Installation Number 100,000+ (Closed)
|
|
||||||
Affected Version <= 6.5.1
|
|
||||||
Fixed Version 6.5.2
|
|
||||||
Advisory link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-04-14 11:30:03 +0000 UTC">April 14, 2022</span> · 1 min · 39 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-27848" href=https://daffa.info/cve/cve-2022-27848/></a>
|
|
||||||
</article>
|
|
||||||
<footer class=page-footer>
|
|
||||||
<nav class=pagination>
|
|
||||||
<a class=next href=https://daffa.info/tags/cve/page/2/>Next »
|
|
||||||
</a>
|
|
||||||
</nav>
|
|
||||||
</footer>
|
|
||||||
</main>
|
|
||||||
<footer class=footer>
|
|
||||||
<span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
|
||||||
<span>
|
|
||||||
Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a>
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
||||||
</span>
|
|
||||||
</footer>
|
|
||||||
<a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg>
|
|
||||||
</a>
|
|
||||||
<script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(a){b.contains(a.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script>
|
|
||||||
<script>let menu=document.getElementById('menu');menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(a=>{a.addEventListener("click",function(b){b.preventDefault();var a=this.getAttribute("href").substr(1);window.matchMedia('(prefers-reduced-motion: reduce)').matches?document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView({behavior:"smooth"}),a==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${a}`)})})</script>
|
|
||||||
<script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script>
|
|
||||||
<script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove('dark'),localStorage.setItem("pref-theme",'light')):(document.body.classList.add('dark'),localStorage.setItem("pref-theme",'dark'))})</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -9,7 +9,61 @@
|
||||||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
</image>
|
</image>
|
||||||
<generator>Hugo -- gohugo.io</generator>
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
<lastBuildDate>Tue, 23 Aug 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/cve/index.xml" rel="self" type="application/rss+xml" />
|
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/cve/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-36340</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-36340/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-36340/</guid>
|
||||||
|
<description>WordPress MailOptin plugin &lt;= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38095</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38095/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38095/</guid>
|
||||||
|
<description>WordPress Advanced Dynamic Pricing for WooCommerce plugin &lt;= 4.1.3 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38134</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38134/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38134/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Authenticated Broken Access Control</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-40132</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-40132/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-40132/</guid>
|
||||||
|
<description>WordPress Seriously Simple Podcasting plugin &lt;= 2.16.0 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-40194</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-40194/</link>
|
||||||
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-40194/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Sensitive Information Disclosure</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38470</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38470/</link>
|
||||||
|
<pubDate>Thu, 22 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38470/</guid>
|
||||||
|
<description>WordPress Customer Reviews for WooCommerce plugin &lt;= 5.3.5 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2022-36282</title>
|
<title>CVE-2022-36282</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
<link>https://daffa.info/cve/cve-2022-36282/</link>
|
||||||
|
@ -20,7 +74,7 @@
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2021-24519</title>
|
<title>CVE-2022-34347</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
<link>https://daffa.info/cve/cve-2022-34347/</link>
|
||||||
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
<pubDate>Mon, 22 Aug 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
@ -73,6 +127,15 @@
|
||||||
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
<description>wpDataTables &lt; 2.1.28 - Admin+ Stored Cross-Site Scripting</description>
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>CVE-2022-38704</title>
|
||||||
|
<link>https://daffa.info/cve/cve-2022-38704/</link>
|
||||||
|
<pubDate>Wed, 23 Feb 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/cve/cve-2022-38704/</guid>
|
||||||
|
<description>WordPress SEO Redirection plugin &lt;= 8.9 - Cross-Site Request Forgery</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>CVE-2022-23983</title>
|
<title>CVE-2022-23983</title>
|
||||||
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
<link>https://daffa.info/cve/cve-2022-23983/</link>
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
<!doctype html><html><head><title>https://daffa.info/tags/cve/</title><link rel=canonical href=https://daffa.info/tags/cve/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/tags/cve/"></head></html>
|
<!doctype html><html lang=en><head><title>https://daffa.info/tags/cve/</title><link rel=canonical href=https://daffa.info/tags/cve/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/tags/cve/"></head></html>
|
|
@ -1,183 +1,31 @@
|
||||||
<!doctype html><html lang=en dir=auto>
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||||
<head><meta charset=utf-8>
|
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38470</h2></header><div class=entry-content><p>Description Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
|
||||||
<meta http-equiv=x-ua-compatible content="IE=edge">
|
Plugin Name Customer Reviews for WooCommerce
|
||||||
<meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no">
|
Installation Number 50,000+
|
||||||
<meta name=robots content="index, follow">
|
Affected Version <= 5.3.5
|
||||||
<title>cve | Muhammad Daffa</title>
|
Fixed Version 5.3.6
|
||||||
<meta name=keywords content>
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38470" href=https://daffa.info/cve/cve-2022-38470/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36282</h2></header><div class=entry-content><p>Description Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy’s Search Exclude plugin <= 1.2.6 at WordPress.
|
||||||
<meta name=description content="Portfolio by Muhammad Daffa">
|
Plugin Name Search Exclude
|
||||||
<meta name=author content="Muhammad Daffa">
|
|
||||||
<link rel=canonical href=https://daffa.info/tags/cve/>
|
|
||||||
<link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style>
|
|
||||||
<link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
|
||||||
<meta name=theme-color content="#2e2e33">
|
|
||||||
<meta name=msapplication-TileColor content="#2e2e33">
|
|
||||||
<link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml>
|
|
||||||
<noscript>
|
|
||||||
<style>#theme-toggle,.top-link{display:none}</style>
|
|
||||||
<style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style>
|
|
||||||
</noscript><meta property="og:title" content="cve">
|
|
||||||
<meta property="og:description" content="Portfolio by Muhammad Daffa">
|
|
||||||
<meta property="og:type" content="website">
|
|
||||||
<meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa">
|
|
||||||
<meta name=twitter:card content="summary_large_image">
|
|
||||||
<meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E">
|
|
||||||
<meta name=twitter:title content="cve">
|
|
||||||
<meta name=twitter:description content="Portfolio by Muhammad Daffa">
|
|
||||||
</head>
|
|
||||||
<body class=list id=top>
|
|
||||||
<script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add('dark'):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove('dark'):window.matchMedia('(prefers-color-scheme: dark)').matches&&document.body.classList.add('dark')</script>
|
|
||||||
<header class=header>
|
|
||||||
<nav class=nav>
|
|
||||||
<div class=logo>
|
|
||||||
<a href=https://daffa.info/ accesskey=h title="Home (Alt + H)">
|
|
||||||
<img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a>
|
|
||||||
<div class=logo-switches>
|
|
||||||
<button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg>
|
|
||||||
</button>
|
|
||||||
<ul class="menu hidden">
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
|
||||||
<span>About</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/blog/ title=Blog>
|
|
||||||
<span>Blog</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/portfolio/ title=Portfolio>
|
|
||||||
<span>Portfolio</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/>
|
|
||||||
<span>Search</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</nav>
|
|
||||||
</header>
|
|
||||||
<main class=main>
|
|
||||||
<header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div>
|
|
||||||
<h1>
|
|
||||||
cve
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg>
|
|
||||||
</a>
|
|
||||||
</h1>
|
|
||||||
</header>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-27844
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70
|
|
||||||
Plugin Name WPvivid
|
|
||||||
Installation Number 200,000+
|
|
||||||
Affected Version <= 0.9.70
|
|
||||||
Fixed Version 0.9.71
|
|
||||||
Advisory link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-04-11 11:30:03 +0000 UTC">April 11, 2022</span> · 1 min · 36 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-27844" href=https://daffa.info/cve/cve-2022-27844/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-25618
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27
|
|
||||||
Plugin Name wpDataTables
|
|
||||||
Installation Number 60,000+
|
Installation Number 60,000+
|
||||||
Affected Version <= 2.1.27
|
Affected Version <= 1.2.6
|
||||||
Fixed Version 2.1.28
|
Fixed Version 1.2.7
|
||||||
Advisory link MITRE WPScan Patchstack </p>
|
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-23 11:30:03 +0000 UTC'>August 23, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-36282" href=https://daffa.info/cve/cve-2022-36282/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-34347</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.
|
||||||
</div>
|
Plugin Name Download Manager
|
||||||
<footer class=entry-footer><span title="2022-04-04 11:30:03 +0000 UTC">April 4, 2022</span> · 1 min · 33 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-25618" href=https://daffa.info/cve/cve-2022-25618/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2022-23983
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
|
|
||||||
Plugin Name WP Content Copy Protection & No Right Click
|
|
||||||
Installation Number 100,000+
|
Installation Number 100,000+
|
||||||
Affected Version <= 3.4.4
|
Affected Version <= 3.2.48
|
||||||
Fixed Version 3.4.5
|
Fixed Version 3.2.49
|
||||||
Advisory link MITRE WPScan Patchstack </p>
|
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-22 11:30:03 +0000 UTC'>August 22, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-34347" href=https://daffa.info/cve/cve-2022-34347/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-36346</h2></header><div class=entry-content><p>Description Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress.
|
||||||
</div>
|
Plugin Name MaxButtons
|
||||||
<footer class=entry-footer><span title="2022-02-21 11:30:03 +0000 UTC">February 21, 2022</span> · 1 min · 51 words · Muhammad Daffa</footer>
|
Installation Number 100,000+
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-23983" href=https://daffa.info/cve/cve-2022-23983/></a>
|
Affected Version <= 9.2
|
||||||
</article>
|
Fixed Version 9.3
|
||||||
<article class="post-entry tag-entry">
|
Advisory Link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-08-22 11:30:03 +0000 UTC'>August 22, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-36346" href=https://daffa.info/cve/cve-2022-36346/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-33201</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key.
|
||||||
<header class=entry-header>
|
Plugin Name MailerLite – Signup forms (official)
|
||||||
<h2>CVE-2022-23984
|
Installation Number 60,000+
|
||||||
</h2>
|
Affected Version <= 1.5.6
|
||||||
</header>
|
Fixed Version 1.5.7
|
||||||
<div class=entry-content>
|
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-05-08 11:30:03 +0000 UTC'>May 8, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-33201" href=https://daffa.info/cve/cve-2022-33201/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/>« Prev </a>
|
||||||
<p>Description Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
|
<a class=next href=https://daffa.info/tags/cve/page/3/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
Plugin Name wpDiscuz
|
<span>Powered by
|
||||||
Installation Number 90,000+
|
|
||||||
Affected Version <= 7.3.11
|
|
||||||
Fixed Version 7.3.12
|
|
||||||
Advisory link MITRE WPScan Patchstack </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2022-02-21 11:30:03 +0000 UTC">February 21, 2022</span> · 1 min · 30 words · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2022-23984" href=https://daffa.info/cve/cve-2022-23984/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2021-24561
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description The WP SMS WordPress plugin before 5.4.13 does not sanitise the “wp_group_name” parameter before outputting it back in the “Groups” page, leading to an Authenticated Stored Cross-Site Scripting issue
|
|
||||||
Plugin Name WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc
|
|
||||||
Installation Number 8,000+
|
|
||||||
Affected Version <= 5.4.12
|
|
||||||
Fixed Version 5.4.13
|
|
||||||
Advisory link MITRE WPScan </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2021-07-26 11:30:03 +0000 UTC">July 26, 2021</span> · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2021-24561" href=https://daffa.info/cve/cve-2021-24561/></a>
|
|
||||||
</article>
|
|
||||||
<footer class=page-footer>
|
|
||||||
<nav class=pagination>
|
|
||||||
<a class=prev href=https://daffa.info/tags/cve/>
|
|
||||||
« Prev
|
|
||||||
</a>
|
|
||||||
<a class=next href=https://daffa.info/tags/cve/page/3/>Next »
|
|
||||||
</a>
|
|
||||||
</nav>
|
|
||||||
</footer>
|
|
||||||
</main>
|
|
||||||
<footer class=footer>
|
|
||||||
<span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
|
||||||
<span>
|
|
||||||
Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a>
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
||||||
</span>
|
|
||||||
</footer>
|
|
||||||
<a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg>
|
|
||||||
</a>
|
|
||||||
<script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(a){b.contains(a.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script>
|
|
||||||
<script>let menu=document.getElementById('menu');menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(a=>{a.addEventListener("click",function(b){b.preventDefault();var a=this.getAttribute("href").substr(1);window.matchMedia('(prefers-reduced-motion: reduce)').matches?document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView({behavior:"smooth"}),a==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${a}`)})})</script>
|
|
||||||
<script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script>
|
|
||||||
<script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove('dark'),localStorage.setItem("pref-theme",'light')):(document.body.classList.add('dark'),localStorage.setItem("pref-theme",'dark'))})</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -1,133 +1,31 @@
|
||||||
<!doctype html><html lang=en dir=auto>
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||||
<head><meta charset=utf-8>
|
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-27848</h2></header><div class=entry-content><p>Description Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1
|
||||||
<meta http-equiv=x-ua-compatible content="IE=edge">
|
Plugin Name Modern Events Calendar Lite
|
||||||
<meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no">
|
Installation Number 100,000+ (Closed)
|
||||||
<meta name=robots content="index, follow">
|
Affected Version <= 6.5.1
|
||||||
<title>cve | Muhammad Daffa</title>
|
Fixed Version 6.5.2
|
||||||
<meta name=keywords content>
|
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-04-14 11:30:03 +0000 UTC'>April 14, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-27848" href=https://daffa.info/cve/cve-2022-27848/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-27844</h2></header><div class=entry-content><p>Description Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70
|
||||||
<meta name=description content="Portfolio by Muhammad Daffa">
|
Plugin Name WPvivid
|
||||||
<meta name=author content="Muhammad Daffa">
|
Installation Number 200,000+
|
||||||
<link rel=canonical href=https://daffa.info/tags/cve/>
|
Affected Version <= 0.9.70
|
||||||
<link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style>
|
Fixed Version 0.9.71
|
||||||
<link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-04-11 11:30:03 +0000 UTC'>April 11, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-27844" href=https://daffa.info/cve/cve-2022-27844/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-25618</h2></header><div class=entry-content><p>Description Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27
|
||||||
<link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Plugin Name wpDataTables
|
||||||
<link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Installation Number 60,000+
|
||||||
<link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Affected Version <= 2.1.27
|
||||||
<link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E>
|
Fixed Version 2.1.28
|
||||||
<meta name=theme-color content="#2e2e33">
|
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-04-04 11:30:03 +0000 UTC'>April 4, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-25618" href=https://daffa.info/cve/cve-2022-25618/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-38704</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
|
||||||
<meta name=msapplication-TileColor content="#2e2e33">
|
Plugin Name SEO Redirection Plugin – 301 Redirect Manager
|
||||||
<link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml>
|
Installation Number 30,000+
|
||||||
<noscript>
|
Affected Version <= 8.9
|
||||||
<style>#theme-toggle,.top-link{display:none}</style>
|
Fixed Version 9.1
|
||||||
<style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style>
|
Advisory link MITRE Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-38704" href=https://daffa.info/cve/cve-2022-38704/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-23983</h2></header><div class=entry-content><p>Description Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
|
||||||
</noscript><meta property="og:title" content="cve">
|
Plugin Name WP Content Copy Protection & No Right Click
|
||||||
<meta property="og:description" content="Portfolio by Muhammad Daffa">
|
Installation Number 100,000+
|
||||||
<meta property="og:type" content="website">
|
Affected Version <= 3.4.4
|
||||||
<meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa">
|
Fixed Version 3.4.5
|
||||||
<meta name=twitter:card content="summary_large_image">
|
Advisory link MITRE WPScan Patchstack</p></div><a class=entry-link aria-label="post link to CVE-2022-23983" href=https://daffa.info/cve/cve-2022-23983/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/2/>« Prev </a>
|
||||||
<meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E">
|
<a class=next href=https://daffa.info/tags/cve/page/4/>Next »</a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
<meta name=twitter:title content="cve">
|
<span>Powered by
|
||||||
<meta name=twitter:description content="Portfolio by Muhammad Daffa">
|
|
||||||
</head>
|
|
||||||
<body class=list id=top>
|
|
||||||
<script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add('dark'):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove('dark'):window.matchMedia('(prefers-color-scheme: dark)').matches&&document.body.classList.add('dark')</script>
|
|
||||||
<header class=header>
|
|
||||||
<nav class=nav>
|
|
||||||
<div class=logo>
|
|
||||||
<a href=https://daffa.info/ accesskey=h title="Home (Alt + H)">
|
|
||||||
<img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a>
|
|
||||||
<div class=logo-switches>
|
|
||||||
<button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg>
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
<button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg>
|
|
||||||
</button>
|
|
||||||
<ul class="menu hidden">
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
|
||||||
<span>About</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/blog/ title=Blog>
|
|
||||||
<span>Blog</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/portfolio/ title=Portfolio>
|
|
||||||
<span>Portfolio</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
<a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/>
|
|
||||||
<span>Search</span>
|
|
||||||
</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</nav>
|
|
||||||
</header>
|
|
||||||
<main class=main>
|
|
||||||
<header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div>
|
|
||||||
<h1>
|
|
||||||
cve
|
|
||||||
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg>
|
|
||||||
</a>
|
|
||||||
</h1>
|
|
||||||
</header>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2021-24531
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description The Charitable - Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature.
|
|
||||||
Plugin Name Charitable
|
|
||||||
Installation Number 10,000+
|
|
||||||
Affected Version <= 1.6.50
|
|
||||||
Fixed Version 1.6.51
|
|
||||||
Advisory Link MITRE WPScan </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2021-07-21 11:30:03 +0000 UTC">July 21, 2021</span> · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2021-24531" href=https://daffa.info/cve/cve-2021-24531/></a>
|
|
||||||
</article>
|
|
||||||
<article class="post-entry tag-entry">
|
|
||||||
<header class=entry-header>
|
|
||||||
<h2>CVE-2021-24519
|
|
||||||
</h2>
|
|
||||||
</header>
|
|
||||||
<div class=entry-content>
|
|
||||||
<p>Description The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the ‘Text Next to Icon’ field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue
|
|
||||||
Plugin Name VikRentCar
|
|
||||||
Installation Number 1,000+
|
|
||||||
Affected Version <= 1.1.9
|
|
||||||
Fixed Version 1.1.10
|
|
||||||
Advisory Link MITRE WPScan </p>
|
|
||||||
</div>
|
|
||||||
<footer class=entry-footer><span title="2021-07-19 11:30:03 +0000 UTC">July 19, 2021</span> · Muhammad Daffa</footer>
|
|
||||||
<a class=entry-link aria-label="post link to CVE-2021-24519" href=https://daffa.info/cve/cve-2021-24519/></a>
|
|
||||||
</article>
|
|
||||||
<footer class=page-footer>
|
|
||||||
<nav class=pagination>
|
|
||||||
<a class=prev href=https://daffa.info/tags/cve/page/2/>
|
|
||||||
« Prev
|
|
||||||
</a>
|
|
||||||
</nav>
|
|
||||||
</footer>
|
|
||||||
</main>
|
|
||||||
<footer class=footer>
|
|
||||||
<span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
|
||||||
<span>
|
|
||||||
Powered by
|
|
||||||
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a>
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
||||||
</span>
|
|
||||||
</footer>
|
|
||||||
<a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg>
|
|
||||||
</a>
|
|
||||||
<script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(a){b.contains(a.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script>
|
|
||||||
<script>let menu=document.getElementById('menu');menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(a=>{a.addEventListener("click",function(b){b.preventDefault();var a=this.getAttribute("href").substr(1);window.matchMedia('(prefers-reduced-motion: reduce)').matches?document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(a)}']`).scrollIntoView({behavior:"smooth"}),a==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${a}`)})})</script>
|
|
||||||
<script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script>
|
|
||||||
<script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove('dark'),localStorage.setItem("pref-theme",'light')):(document.body.classList.add('dark'),localStorage.setItem("pref-theme",'dark'))})</script>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>cve | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/cve/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/cve/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="cve"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/tags/cve/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="cve"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>cve
|
||||||
|
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2022-23984</h2></header><div class=entry-content><p>Description Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11).
|
||||||
|
Plugin Name wpDiscuz
|
||||||
|
Installation Number 90,000+
|
||||||
|
Affected Version <= 7.3.11
|
||||||
|
Fixed Version 7.3.12
|
||||||
|
Advisory link MITRE WPScan Patchstack</p></div><footer class=entry-footer><span title='2022-02-21 11:30:03 +0000 UTC'>February 21, 2022</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2022-23984" href=https://daffa.info/cve/cve-2022-23984/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2021-24561</h2></header><div class=entry-content><p>Description The WP SMS WordPress plugin before 5.4.13 does not sanitise the “wp_group_name” parameter before outputting it back in the “Groups” page, leading to an Authenticated Stored Cross-Site Scripting issue
|
||||||
|
Plugin Name WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc
|
||||||
|
Installation Number 8,000+
|
||||||
|
Affected Version <= 5.4.12
|
||||||
|
Fixed Version 5.4.13
|
||||||
|
Advisory link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-26 11:30:03 +0000 UTC'>July 26, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24561" href=https://daffa.info/cve/cve-2021-24561/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2021-24531</h2></header><div class=entry-content><p>Description The Charitable - Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature.
|
||||||
|
Plugin Name Charitable
|
||||||
|
Installation Number 10,000+
|
||||||
|
Affected Version <= 1.6.50
|
||||||
|
Fixed Version 1.6.51
|
||||||
|
Advisory Link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-21 11:30:03 +0000 UTC'>July 21, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24531" href=https://daffa.info/cve/cve-2021-24531/></a></article><article class="post-entry tag-entry"><header class=entry-header><h2>CVE-2021-24519</h2></header><div class=entry-content><p>Description The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the ‘Text Next to Icon’ field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue
|
||||||
|
Plugin Name VikRentCar
|
||||||
|
Installation Number 1,000+
|
||||||
|
Affected Version <= 1.1.9
|
||||||
|
Fixed Version 1.1.10
|
||||||
|
Advisory Link MITRE WPScan</p></div><footer class=entry-footer><span title='2021-07-19 11:30:03 +0000 UTC'>July 19, 2021</span> · Muhammad Daffa</footer><a class=entry-link aria-label="post link to CVE-2021-24519" href=https://daffa.info/cve/cve-2021-24519/></a></article><footer class=page-footer><nav class=pagination><a class=prev href=https://daffa.info/tags/cve/page/3/>« Prev </a></nav></footer></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
|
<span>Powered by
|
||||||
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
File diff suppressed because one or more lines are too long
|
@ -9,31 +9,22 @@
|
||||||
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
</image>
|
</image>
|
||||||
<generator>Hugo -- gohugo.io</generator>
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
<lastBuildDate>Tue, 23 Aug 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/index.xml" rel="self" type="application/rss+xml" />
|
<lastBuildDate>Fri, 23 Sep 2022 11:30:03 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/index.xml" rel="self" type="application/rss+xml" />
|
||||||
<item>
|
<item>
|
||||||
<title>cve</title>
|
<title>cve</title>
|
||||||
<link>https://daffa.info/tags/cve/</link>
|
<link>https://daffa.info/tags/cve/</link>
|
||||||
<pubDate>Tue, 23 Aug 2022 11:30:03 +0000</pubDate>
|
<pubDate>Fri, 23 Sep 2022 11:30:03 +0000</pubDate>
|
||||||
|
|
||||||
<guid>https://daffa.info/tags/cve/</guid>
|
<guid>https://daffa.info/tags/cve/</guid>
|
||||||
<description></description>
|
<description></description>
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
<item>
|
<item>
|
||||||
<title>markdown</title>
|
<title>profile</title>
|
||||||
<link>https://daffa.info/tags/markdown/</link>
|
<link>https://daffa.info/tags/profile/</link>
|
||||||
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
||||||
|
|
||||||
<guid>https://daffa.info/tags/markdown/</guid>
|
<guid>https://daffa.info/tags/profile/</guid>
|
||||||
<description></description>
|
|
||||||
</item>
|
|
||||||
|
|
||||||
<item>
|
|
||||||
<title>text</title>
|
|
||||||
<link>https://daffa.info/tags/text/</link>
|
|
||||||
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
|
||||||
|
|
||||||
<guid>https://daffa.info/tags/text/</guid>
|
|
||||||
<description></description>
|
<description></description>
|
||||||
</item>
|
</item>
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,7 @@
|
||||||
</button>
|
</button>
|
||||||
<ul class="menu hidden">
|
<ul class="menu hidden">
|
||||||
<li>
|
<li>
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
<a href=https://daffa.info/about/ title=About>
|
||||||
<span>About</span>
|
<span>About</span>
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>profile | Muhammad Daffa</title><meta name=keywords content><meta name=description content="Portfolio by Muhammad Daffa"><meta name=author content="Muhammad Daffa"><link rel=canonical href=https://daffa.info/tags/profile/><link crossorigin=anonymous href=/assets/css/stylesheet.45f49f3659256118ed66599f73d606a68bbf80c55151a90e4cf1c399f8e7c2d5.css integrity="sha256-RfSfNlklYRjtZlmfc9YGpou/gMVRUakOTPHDmfjnwtU=" rel="preload stylesheet" as=style><link rel=icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=16x16 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=icon type=image/png sizes=32x32 href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=apple-touch-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><link rel=mask-icon href=https://daffa.info/%3Clink%20/%20abs%20url%3E><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate type=application/rss+xml href=https://daffa.info/tags/profile/index.xml><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><meta property="og:title" content="profile"><meta property="og:description" content="Portfolio by Muhammad Daffa"><meta property="og:type" content="website"><meta property="og:url" content="https://daffa.info/tags/profile/"><meta property="og:image" content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta property="og:site_name" content="Muhammad Daffa"><meta name=twitter:card content="summary_large_image"><meta name=twitter:image content="https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E"><meta name=twitter:title content="profile"><meta name=twitter:description content="Portfolio by Muhammad Daffa"></head><body class=list id=top><script>localStorage.getItem("pref-theme")==="dark"?document.body.classList.add("dark"):localStorage.getItem("pref-theme")==="light"?document.body.classList.remove("dark"):window.matchMedia("(prefers-color-scheme: dark)").matches&&document.body.classList.add("dark")</script><header class=header><nav class=nav><div class=logo><a href=https://daffa.info/ accesskey=h title="Home (Alt + H)"><img src=https://daffa.info/apple-touch-icon.png alt aria-label=logo height=35>Home</a><div class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="18" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></div></div><button id=menu-trigger aria-haspopup=menu aria-label="Menu Button"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"/><line x1="3" y1="6" x2="21" y2="6"/><line x1="3" y1="18" x2="21" y2="18"/></svg></button><ul class="menu hidden"><li><a href=https://daffa.info/about/ title=About><span>About</span></a></li><li><a href=https://daffa.info/blog/ title=Blog><span>Blog</span></a></li><li><a href=https://daffa.info/portfolio/ title=Portfolio><span>Portfolio</span></a></li><li><a href=https://daffa.info/search/ title="Search (Alt + /)" accesskey=/><span>Search</span></a></li></ul></nav></header><main class=main><header class=page-header><div class=breadcrumbs><a href=https://daffa.info/>Home</a> » <a href=https://daffa.info/tags/>Tags</a></div><h1>profile
|
||||||
|
<a href=index.xml title=RSS aria-label=RSS><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" height="23"><path d="M4 11a9 9 0 019 9"/><path d="M4 4a16 16 0 0116 16"/><circle cx="5" cy="19" r="1"/></svg></a></h1></header></main><footer class=footer><span>© 2022 <a href=https://daffa.info/>Muhammad Daffa</a></span>
|
||||||
|
<span>Powered by
|
||||||
|
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
|
||||||
|
<a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let b=document.querySelector("#menu-trigger"),m=document.querySelector(".menu");b.addEventListener("click",function(){m.classList.toggle("hidden")}),document.body.addEventListener("click",function(e){b.contains(e.target)||m.classList.add("hidden")}),document.querySelector("#cd").innerText=(new Date).getFullYear()</script><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>
|
|
@ -0,0 +1,55 @@
|
||||||
|
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
||||||
|
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
|
||||||
|
<channel>
|
||||||
|
<title>profile on Muhammad Daffa</title>
|
||||||
|
<link>https://daffa.info/tags/profile/</link>
|
||||||
|
<description>Recent content in profile on Muhammad Daffa</description>
|
||||||
|
<image>
|
||||||
|
<url>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</url>
|
||||||
|
<link>https://daffa.info/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E</link>
|
||||||
|
</image>
|
||||||
|
<generator>Hugo -- gohugo.io</generator>
|
||||||
|
<lastBuildDate>Sat, 09 Mar 2019 00:00:00 +0000</lastBuildDate><atom:link href="https://daffa.info/tags/profile/index.xml" rel="self" type="application/rss+xml" />
|
||||||
|
<item>
|
||||||
|
<title>About</title>
|
||||||
|
<link>https://daffa.info/about/</link>
|
||||||
|
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/about/</guid>
|
||||||
|
<description>Muhammad Daffa Hi! I&rsquo;m Muhammad Daffa, you can call me Daffa. I started learning about cyber security between 2019 / 2020. I was interested in cybersecurity when my facebook friends posted about how they get money doing an activity called &ldquo;bug bounty&rdquo;. From that post, I tried to learn more about cybersecurity, especially penetration testing on website
|
||||||
|
Don&rsquo;t ever think I&rsquo;m a professional penetration tester :D. There are still a lot of things about cyber security that I haven&rsquo;t learned, such as doing penetration testing on Android, iOS, or even on the network.</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Blog</title>
|
||||||
|
<link>https://daffa.info/blog/</link>
|
||||||
|
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/blog/</guid>
|
||||||
|
<description>Coming Soon! Still in progress migrating from Medium to this website :)</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Portfolio</title>
|
||||||
|
<link>https://daffa.info/achievements/</link>
|
||||||
|
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/achievements/</guid>
|
||||||
|
<description>Here are some of my achievements when doing bug hunting
|
||||||
|
Bug Bounties and Hall of Fame Sekolah Siber Wageningen University &amp; Research PostNL Holding B.V Inflectra Legally Breaking (Website Inactive) PlanetArt Yelp 2 Private Program at Hackerone Certificate Appreciation Axioo Class Program GeeksforGeeks Cambridge University Windesheim University Finansialku PixelNinja ID Bitrexgo (Website Inactive) </description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
<item>
|
||||||
|
<title>Portfolio</title>
|
||||||
|
<link>https://daffa.info/portfolio/</link>
|
||||||
|
<pubDate>Sat, 09 Mar 2019 00:00:00 +0000</pubDate>
|
||||||
|
|
||||||
|
<guid>https://daffa.info/portfolio/</guid>
|
||||||
|
<description>Here are some of my portfolios on cybersecurity
|
||||||
|
Bug Bounties The list below are some of the companies that recognize me as a bug hunter. Here are 5 achievements that I just got
|
||||||
|
Hall of Fame at Sekolah Siber Hall of Fame at wur.nl Thanks list at HackerOne PlanetArt Thanks list at Private Program HackerOne Certificate Appreciation from GeeksforGeeks Click here to see the full list
|
||||||
|
CVEs Here is a list of CVEs that I got, most of them came from vulnerabilities in wordpress.</description>
|
||||||
|
</item>
|
||||||
|
|
||||||
|
</channel>
|
||||||
|
</rss>
|
|
@ -0,0 +1 @@
|
||||||
|
<!doctype html><html lang=en><head><title>https://daffa.info/tags/profile/</title><link rel=canonical href=https://daffa.info/tags/profile/><meta name=robots content="noindex"><meta charset=utf-8><meta http-equiv=refresh content="0; url=https://daffa.info/tags/profile/"></head></html>
|
|
@ -45,7 +45,7 @@
|
||||||
</button>
|
</button>
|
||||||
<ul class="menu hidden">
|
<ul class="menu hidden">
|
||||||
<li>
|
<li>
|
||||||
<a href=https://daffa.info/profile/ title=About>
|
<a href=https://daffa.info/about/ title=About>
|
||||||
<span>About</span>
|
<span>About</span>
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
Loading…
Reference in New Issue