From e2a15b792e087e5b9f0cc1613f47717c37e383e8 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa Date: Fri, 18 Aug 2023 00:01:23 +0000 Subject: [PATCH] feat: change some pages --- .hugo_build.lock | 0 config.yml | 10 +- content/about/_index.md | 4 +- content/blog/_index.md | 16 -- .../{achievements => bug-hunting}/_index.md | 2 + content/cve/CVE-2021-24519.md | 55 ----- content/cve/CVE-2021-24531.md | 55 ----- content/cve/CVE-2021-24561.md | 55 ----- content/cve/CVE-2022-23983.md | 55 ----- content/cve/CVE-2022-23984.md | 57 ----- content/cve/CVE-2022-25618.md | 57 ----- content/cve/CVE-2022-27844.md | 57 ----- content/cve/CVE-2022-27848.md | 56 ----- content/cve/CVE-2022-32587.md | 54 ----- content/cve/CVE-2022-33201.md | 56 ----- content/cve/CVE-2022-34347.md | 56 ----- content/cve/CVE-2022-36282.md | 56 ----- content/cve/CVE-2022-36340.md | 54 ----- content/cve/CVE-2022-36346.md | 56 ----- content/cve/CVE-2022-38095.md | 54 ----- content/cve/CVE-2022-38134.md | 54 ----- content/cve/CVE-2022-38137.md | 54 ----- content/cve/CVE-2022-38470.md | 54 ----- content/cve/CVE-2022-38704.md | 54 ----- content/cve/CVE-2022-40132.md | 54 ----- content/cve/CVE-2022-40194.md | 54 ----- content/cve/_index.md | 97 ++++++++- content/portfolio/_index.md | 73 +++++-- content/search.md | 4 - public/404.html | 2 +- public/about/index.html | 4 +- public/about/index.xml | 1 + public/achievements/index.html | 2 +- public/achievements/index.xml | 1 + ...2f75e5884ffe8073ea9d6d5761d5663d651e20.css | 7 - ...632408e58ac146fbdbe62747134bea2fa3415e0.js | 44 ---- ...c55c943211a702f7734fab3645d5b715395679e.js | 19 -- ...7d892f103a377a17831aa4828cba094a8b0db74.js | 19 -- public/blog/index.html | 4 - public/blog/page/1/index.html | 1 - public/bug-hunting/index.html | 5 + public/{blog => bug-hunting}/index.xml | 9 +- public/bug-hunting/page/1/index.html | 1 + public/categories/index.html | 2 +- public/categories/index.xml | 3 +- public/cve/cve-2021-24519/index.html | 5 - public/cve/cve-2021-24531/index.html | 6 - public/cve/cve-2021-24561/index.html | 6 - public/cve/cve-2022-23983/index.html | 6 - public/cve/cve-2022-23984/index.html | 6 - public/cve/cve-2022-25618/index.html | 6 - public/cve/cve-2022-27844/index.html | 6 - public/cve/cve-2022-27848/index.html | 6 - public/cve/cve-2022-32587/index.html | 5 - public/cve/cve-2022-33201/index.html | 6 - public/cve/cve-2022-34347/index.html | 6 - public/cve/cve-2022-36282/index.html | 6 - public/cve/cve-2022-36340/index.html | 6 - public/cve/cve-2022-36346/index.html | 6 - public/cve/cve-2022-38095/index.html | 6 - public/cve/cve-2022-38134/index.html | 6 - public/cve/cve-2022-38137/index.html | 6 - public/cve/cve-2022-38470/index.html | 6 - public/cve/cve-2022-38704/index.html | 6 - public/cve/cve-2022-40132/index.html | 6 - public/cve/cve-2022-40194/index.html | 6 - public/cve/index.html | 3 +- public/cve/index.xml | 192 +---------------- public/cve/page/1/index.html | 2 +- public/index.html | 2 +- public/index.xml | 193 +---------------- public/page/1/index.html | 1 - .../portfolio/cve/cve-2021-24519/index.html | 169 --------------- .../portfolio/cve/cve-2021-24531/index.html | 169 --------------- .../portfolio/cve/cve-2021-24561/index.html | 164 -------------- .../portfolio/cve/cve-2022-23983/index.html | 166 -------------- .../portfolio/cve/cve-2022-23984/index.html | 166 -------------- .../portfolio/cve/cve-2022-25618/index.html | 166 -------------- .../portfolio/cve/cve-2022-27844/index.html | 166 -------------- .../portfolio/cve/cve-2022-27848/index.html | 166 -------------- .../portfolio/cve/cve-2022-33201/index.html | 166 -------------- .../portfolio/cve/cve-2022-34347/index.html | 166 -------------- .../portfolio/cve/cve-2022-36282/index.html | 166 -------------- .../portfolio/cve/cve-2022-36346/index.html | 161 -------------- public/portfolio/cve/index.html | 172 --------------- public/portfolio/cve/index.xml | 122 ----------- public/portfolio/index.html | 4 +- public/portfolio/index.xml | 1 + public/posts/cve-2021-24519/index.html | 151 ------------- public/posts/cve-2021-24561/index.html | 116 ---------- public/posts/index.html | 118 ---------- public/posts/index.xml | 32 --- public/posts/page/1/index.html | 1 - public/search/index.html | 5 - public/sitemap.xml | 87 +------- public/tags/cve/index.html | 29 --- public/tags/cve/index.xml | 203 ------------------ public/tags/cve/page/1/index.html | 1 - public/tags/cve/page/2/index.html | 31 --- public/tags/cve/page/3/index.html | 31 --- public/tags/cve/page/4/index.html | 31 --- public/tags/cve/page/5/index.html | 10 - public/tags/index.html | 2 +- public/tags/index.xml | 12 +- public/tags/markdown/index.html | 94 -------- public/tags/markdown/index.xml | 23 -- public/tags/markdown/page/1/index.html | 1 - public/tags/profile/index.html | 4 +- public/tags/profile/index.xml | 22 +- public/tags/text/index.html | 94 -------- public/tags/text/index.xml | 23 -- public/tags/text/page/1/index.html | 1 - 112 files changed, 214 insertions(+), 5202 deletions(-) create mode 100644 .hugo_build.lock delete mode 100644 content/blog/_index.md rename content/{achievements => bug-hunting}/_index.md (91%) delete mode 100644 content/cve/CVE-2021-24519.md delete mode 100644 content/cve/CVE-2021-24531.md delete mode 100644 content/cve/CVE-2021-24561.md delete mode 100644 content/cve/CVE-2022-23983.md delete mode 100644 content/cve/CVE-2022-23984.md delete mode 100644 content/cve/CVE-2022-25618.md delete mode 100644 content/cve/CVE-2022-27844.md delete mode 100644 content/cve/CVE-2022-27848.md delete mode 100644 content/cve/CVE-2022-32587.md delete mode 100644 content/cve/CVE-2022-33201.md delete mode 100644 content/cve/CVE-2022-34347.md delete mode 100644 content/cve/CVE-2022-36282.md delete mode 100644 content/cve/CVE-2022-36340.md delete mode 100644 content/cve/CVE-2022-36346.md delete mode 100644 content/cve/CVE-2022-38095.md delete mode 100644 content/cve/CVE-2022-38134.md delete mode 100644 content/cve/CVE-2022-38137.md delete mode 100644 content/cve/CVE-2022-38470.md delete mode 100644 content/cve/CVE-2022-38704.md delete mode 100644 content/cve/CVE-2022-40132.md delete mode 100644 content/cve/CVE-2022-40194.md delete mode 100644 content/search.md delete mode 100644 public/assets/css/stylesheet.bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20.css delete mode 100644 public/assets/js/highlight.f413e19d0714851f6474e7ee9632408e58ac146fbdbe62747134bea2fa3415e0.js delete mode 100644 public/assets/js/search.1943d4c8dfc6e73d572d17ccfc55c943211a702f7734fab3645d5b715395679e.js delete mode 100644 public/assets/js/search.7ea763d329edcc0b8bdc24b427d892f103a377a17831aa4828cba094a8b0db74.js delete mode 100644 public/blog/index.html delete mode 100644 public/blog/page/1/index.html create mode 100644 public/bug-hunting/index.html rename public/{blog => bug-hunting}/index.xml (64%) create mode 100644 public/bug-hunting/page/1/index.html delete mode 100644 public/cve/cve-2021-24519/index.html delete mode 100644 public/cve/cve-2021-24531/index.html delete mode 100644 public/cve/cve-2021-24561/index.html delete mode 100644 public/cve/cve-2022-23983/index.html delete mode 100644 public/cve/cve-2022-23984/index.html delete mode 100644 public/cve/cve-2022-25618/index.html delete mode 100644 public/cve/cve-2022-27844/index.html delete mode 100644 public/cve/cve-2022-27848/index.html delete mode 100644 public/cve/cve-2022-32587/index.html delete mode 100644 public/cve/cve-2022-33201/index.html delete mode 100644 public/cve/cve-2022-34347/index.html delete mode 100644 public/cve/cve-2022-36282/index.html delete mode 100644 public/cve/cve-2022-36340/index.html delete mode 100644 public/cve/cve-2022-36346/index.html delete mode 100644 public/cve/cve-2022-38095/index.html delete mode 100644 public/cve/cve-2022-38134/index.html delete mode 100644 public/cve/cve-2022-38137/index.html delete mode 100644 public/cve/cve-2022-38470/index.html delete mode 100644 public/cve/cve-2022-38704/index.html delete mode 100644 public/cve/cve-2022-40132/index.html delete mode 100644 public/cve/cve-2022-40194/index.html delete mode 100644 public/page/1/index.html delete mode 100644 public/portfolio/cve/cve-2021-24519/index.html delete mode 100644 public/portfolio/cve/cve-2021-24531/index.html delete mode 100644 public/portfolio/cve/cve-2021-24561/index.html delete mode 100644 public/portfolio/cve/cve-2022-23983/index.html delete mode 100644 public/portfolio/cve/cve-2022-23984/index.html delete mode 100644 public/portfolio/cve/cve-2022-25618/index.html delete mode 100644 public/portfolio/cve/cve-2022-27844/index.html delete mode 100644 public/portfolio/cve/cve-2022-27848/index.html delete mode 100644 public/portfolio/cve/cve-2022-33201/index.html delete mode 100644 public/portfolio/cve/cve-2022-34347/index.html delete mode 100644 public/portfolio/cve/cve-2022-36282/index.html delete mode 100644 public/portfolio/cve/cve-2022-36346/index.html delete mode 100644 public/portfolio/cve/index.html delete mode 100644 public/portfolio/cve/index.xml delete mode 100644 public/posts/cve-2021-24519/index.html delete mode 100644 public/posts/cve-2021-24561/index.html delete mode 100644 public/posts/index.html delete mode 100644 public/posts/index.xml delete mode 100644 public/posts/page/1/index.html delete mode 100644 public/search/index.html delete mode 100644 public/tags/cve/index.html delete mode 100644 public/tags/cve/index.xml delete mode 100644 public/tags/cve/page/1/index.html delete mode 100644 public/tags/cve/page/2/index.html delete mode 100644 public/tags/cve/page/3/index.html delete mode 100644 public/tags/cve/page/4/index.html delete mode 100644 public/tags/cve/page/5/index.html delete mode 100644 public/tags/markdown/index.html delete mode 100644 public/tags/markdown/index.xml delete mode 100644 public/tags/markdown/page/1/index.html delete mode 100644 public/tags/text/index.html delete mode 100644 public/tags/text/index.xml delete mode 100644 public/tags/text/page/1/index.html diff --git a/.hugo_build.lock b/.hugo_build.lock new file mode 100644 index 0000000..e69de29 diff --git a/config.yml b/config.yml index 0951d51..397eefc 100644 --- a/config.yml +++ b/config.yml @@ -122,15 +122,7 @@ menu: name: Portfolio url: /portfolio/ weight: 20 - - identifier: blog - name: Blog - url: /blog/ - weight: 20 - - identifier: search - name: Search - url: /search/ - weight: 20 -# Read: https://github.com/adityatelange/hugo-PaperMod/wiki/FAQs#using-hugos-syntax-highlighter-chroma + pygmentsUseClasses: true markup: highlight: diff --git a/content/about/_index.md b/content/about/_index.md index bf98c0c..7b5071d 100644 --- a/content/about/_index.md +++ b/content/about/_index.md @@ -14,9 +14,9 @@ ShowRssButtonInSectionTermList: false --- ## Muhammad Daffa -Hi! I'm Muhammad Daffa, you can call me Daffa. I started learning about cyber security between 2019 / 2020. I was interested in cybersecurity when my facebook friends posted about how they get money doing an activity called "bug bounty". From that post, I tried to learn more about cybersecurity, especially penetration testing on website +Hello! I'm Muhammad Daffa, but you can call me Daffa. I began delving into cybersecurity around 2019 to 2020. My interest sparked when some of my Facebook friends posted about making money through an activity known as 'bug bounty.' Intrigued by their posts, I embarked on a journey to learn more about cybersecurity, with a specific focus on website penetration testing. -Don't ever think I'm a professional penetration tester :D. There are still a lot of things about cyber security that I haven't learned, such as doing penetration testing on Android, iOS, or even on the network. Right now I'm learning about malware analysis too, thanks to TCM Security <3 +Please don't mistake me for a professional penetration tester just yet! There's still a wealth of knowledge about cybersecurity that I haven't explored, such as conducting penetration tests on Android, iOS, and even within networks. At present, I'm also immersing myself in the realm of malware analysis, all thanks to TCM Security <3. ## Contact Contact me if you have something to discuss or if you have a great resource about cybersecurity, i'll be very happy to read about the resource :D diff --git a/content/blog/_index.md b/content/blog/_index.md deleted file mode 100644 index c7d3f27..0000000 --- a/content/blog/_index.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -author: "Muhammad Daffa" -title: "Blog" -date: "2019-03-09" -# description: "About Muhammad Daffa" -tags: ["profile"] -TocOpen: true -draft: false -hidemeta: true -comments: false -searchHidden: true -ShowBreadCrumbs: false -ShowRssButtonInSectionTermList: false ---- - -Coming Soon! Still in progress migrating from Medium to this website :) diff --git a/content/achievements/_index.md b/content/bug-hunting/_index.md similarity index 91% rename from content/achievements/_index.md rename to content/bug-hunting/_index.md index 07cba0f..dcc404f 100644 --- a/content/achievements/_index.md +++ b/content/bug-hunting/_index.md @@ -24,6 +24,8 @@ Here are some of my achievements when doing bug hunting - [Legally Breaking](https://legallybreaking.com/index.php?p=/hall-fame) (Website Inactive) - [DIB-VDP Pilot](https://hackerone.com/dib-vdp-pilot) (Program Closed) - [PlanetArt](https://hackerone.com/planetart/thanks) +- [Automattic](https://hackerone.com/automattic/thanks/2023) +- [Valve](https://hackerone.com/valve/thanks/2023) - [Yelp](https://hackerone.com/yelp/thanks) - 2 Private Program at Hackerone diff --git a/content/cve/CVE-2021-24519.md b/content/cve/CVE-2021-24519.md deleted file mode 100644 index 15ff7eb..0000000 --- a/content/cve/CVE-2021-24519.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: "CVE-2021-24519" -date: 2021-07-19T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS)" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue - -## Plugin Name -[VikRentCar](https://wordpress.org/plugins/vikrentcar/) - -## Installation Number -1,000+ - -## Affected Version -<= 1.1.9 - -## Fixed Version -1.1.10 - -## Advisory Link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24519) - * [WPScan](https://wpscan.com/vulnerability/368828f9-fdd1-4a82-8658-20e0f4c4da0c) diff --git a/content/cve/CVE-2021-24531.md b/content/cve/CVE-2021-24531.md deleted file mode 100644 index 1b2e516..0000000 --- a/content/cve/CVE-2021-24531.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: "CVE-2021-24531" -date: 2021-07-21T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "Charitable - Donation Plugin < 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS)" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -The Charitable - Donation Plugin WordPress plugin before 1.6.51 is affected by an authenticated stored cross-site scripting vulnerability which was found in the add donation feature. - -## Plugin Name -[Charitable](https://wordpress.org/plugins/charitable/) - -## Installation Number -10,000+ - -## Affected Version -<= 1.6.50 - -## Fixed Version -1.6.51 - -## Advisory Link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24531) - * [WPScan](https://wpscan.com/vulnerability/a5837621-ee6e-4876-9f65-82658fc0341f) diff --git a/content/cve/CVE-2021-24561.md b/content/cve/CVE-2021-24561.md deleted file mode 100644 index 410825a..0000000 --- a/content/cve/CVE-2021-24561.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: "CVE-2021-24561" -date: 2021-07-26T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "WP SMS < 5.4.13 - Authenticated Stored Cross-Site Scripting" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_group_name" parameter before outputting it back in the "Groups" page, leading to an Authenticated Stored Cross-Site Scripting issue - -## Plugin Name -[WP SMS – Messaging & SMS Notification for WordPress, WooCommerce, GravityForms, etc](https://wordpress.org/plugins/wp-sms/) - -## Installation Number -8,000+ - -## Affected Version -<= 5.4.12 - -## Fixed Version -5.4.13 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24561) - * [WPScan](https://wpscan.com/vulnerability/5433ef4c-4451-4b6e-992b-69c5eccabf90) diff --git a/content/cve/CVE-2022-23983.md b/content/cve/CVE-2022-23983.md deleted file mode 100644 index 14eed50..0000000 --- a/content/cve/CVE-2022-23983.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: "CVE-2022-23983" -date: 2022-02-21T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WP Content Copy Protection & No Right Click < 3.4.5 - Settings Update via CSRF" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4). - -## Plugin Name -[WP Content Copy Protection & No Right Click](https://wordpress.org/plugins/wp-content-copy-protection-no-right-click/) - -## Installation Number -100,000+ - -## Affected Version -<= 3.4.4 - -## Fixed Version -3.4.5 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23983) - * [WPScan](https://wpscan.com/vulnerability/b6733721-56fc-44f5-b18b-cd5793517515) - * [Patchstack](https://patchstack.com/database/vulnerability/wp-content-copy-protector/wordpress-wp-content-copy-protection-no-right-click-plugin-3-4-4-cross-site-request-forgery-csrf-leads-to-settings-update-vulnerability) diff --git a/content/cve/CVE-2022-23984.md b/content/cve/CVE-2022-23984.md deleted file mode 100644 index 3a16f1a..0000000 --- a/content/cve/CVE-2022-23984.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -title: "CVE-2022-23984" -date: 2022-02-21T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "wpDiscuz < 7.3.12 - Sensitive Information Disclosure" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). - -## Plugin Name -[wpDiscuz](https://wordpress.org/plugins/wpdiscuz/) - -## Installation Number -90,000+ - -## Affected Version -<= 7.3.11 - -## Fixed Version -7.3.12 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23984) - * [WPScan](https://wpscan.com/vulnerability/027e6ef8-39d8-4fa9-957f-f53ee7175c0a) - * [Patchstack](https://patchstack.com/database/vulnerability/wpdiscuz/wordpress-wpdiscuz-plugin-7-3-11-sensitive-information-disclosure-vulnerability) - diff --git a/content/cve/CVE-2022-25618.md b/content/cve/CVE-2022-25618.md deleted file mode 100644 index e7f7adc..0000000 --- a/content/cve/CVE-2022-25618.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -title: "CVE-2022-25618" -date: 2022-04-04T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "wpDataTables < 2.1.28 - Admin+ Stored Cross-Site Scripting" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27 - -## Plugin Name -[wpDataTables](https://wordpress.org/plugins/wpdatatables/) - -## Installation Number -60,000+ - -## Affected Version -<= 2.1.27 - -## Fixed Version -2.1.28 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25618) - * [WPScan](https://wpscan.com/vulnerability/02a8b0bc-e434-4be5-8892-cba13d1b4329) - * [Patchstack](https://patchstack.com/database/vulnerability/wpdatatables/wordpress-wpdatatables-plugin-2-1-27-stored-cross-site-scripting-xss-vulnerability) - diff --git a/content/cve/CVE-2022-27844.md b/content/cve/CVE-2022-27844.md deleted file mode 100644 index 755d950..0000000 --- a/content/cve/CVE-2022-27844.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -title: "CVE-2022-27844" -date: 2022-04-11T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "WPvivid Backup and Migration Plugin < 0.9.71 - Admin+ Arbitrary File Download" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 - -## Plugin Name -[WPvivid](https://wordpress.org/plugins/wpvivid-backup-restore/) - -## Installation Number -200,000+ - -## Affected Version -<= 0.9.70 - -## Fixed Version -0.9.71 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27844) - * [WPScan](https://wpscan.com/vulnerability/e15703bd-d23d-46fc-8fc9-a3c6d851df0a) - * [Patchstack](https://patchstack.com/database/vulnerability/wpvivid-backuprestore/wordpress-wpvivid-plugin-0-9-70-arbitrary-file-read-vulnerability) - diff --git a/content/cve/CVE-2022-27848.md b/content/cve/CVE-2022-27848.md deleted file mode 100644 index b5e1762..0000000 --- a/content/cve/CVE-2022-27848.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "CVE-2022-27848" -date: 2022-04-14T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "Modern Events Calendar Lite < 6.5.2 - Admin+ Stored Cross-Site Scripting" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1 - -## Plugin Name -[Modern Events Calendar Lite](https://wordpress.org/plugins/modern-events-calendar-lite/) - -## Installation Number -100,000+ (Closed) - -## Affected Version -<= 6.5.1 - -## Fixed Version -6.5.2 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27848) - * [WPScan](https://wpscan.com/vulnerability/ef2843d0-f84d-4093-a08b-342ed0848914) - * [Patchstack](https://patchstack.com/database/vulnerability/modern-events-calendar-lite/wordpress-modern-events-calendar-lite-plugin-6-5-1-authenticated-stored-cross-site-scripting-xss-vulnerability) diff --git a/content/cve/CVE-2022-32587.md b/content/cve/CVE-2022-32587.md deleted file mode 100644 index f740ba9..0000000 --- a/content/cve/CVE-2022-32587.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-32587" -date: 2022-09-26T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress WP Page Widget plugin <= 3.9 - Cross-Site Request Forgery" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change. - -## Plugin Name -[WP Page Widget](https://wordpress.org/plugins/wp-page-widget/) - -## Installation Number -60,000+ - -## Affected Version -<= 3.9 - -## Fixed Version -4.0 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32587) - * [Patchstack](https://patchstack.com/database/vulnerability/wp-page-widget/wordpress-wp-page-widget-plugin-3-9-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-33201.md b/content/cve/CVE-2022-33201.md deleted file mode 100644 index 385a1c4..0000000 --- a/content/cve/CVE-2022-33201.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "CVE-2022-33201" -date: 2022-05-08T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "MailerLite - Signup forms (official) < 1.5.7 - API Key Update via CSRF" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability in MailerLite – Signup forms (official) plugin <= 1.5.7 at WordPress allows an attacker to change the API key. - -## Plugin Name -[MailerLite – Signup forms (official)](https://wordpress.org/plugins/official-mailerlite-sign-up-forms/) - -## Installation Number -60,000+ - -## Affected Version -<= 1.5.6 - -## Fixed Version -1.5.7 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33201) - * [WPScan](https://wpscan.com/vulnerability/dcce9241-4903-40dc-98d1-0abc30a3f779) - * [Patchstack](https://patchstack.com/database/vulnerability/official-mailerlite-sign-up-forms/wordpress-mailerlite-signup-forms-official-plugin-1-5-7-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-34347.md b/content/cve/CVE-2022-34347.md deleted file mode 100644 index 79cb8e6..0000000 --- a/content/cve/CVE-2022-34347.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "CVE-2022-34347" -date: 2022-08-22T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "Download Manager < 3.2.49 - Clear Stats & Cache via CSRF" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at WordPress. - -## Plugin Name -[Download Manager](https://wordpress.org/plugins/download-manager/) - -## Installation Number -100,000+ - -## Affected Version -<= 3.2.48 - -## Fixed Version -3.2.49 - -## Advisory Link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34347) - * [WPScan](https://wpscan.com/vulnerability/1fe07196-52d4-40c5-b01d-69852b4fb9c5) - * [Patchstack](https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-48-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-36282.md b/content/cve/CVE-2022-36282.md deleted file mode 100644 index 034d5c5..0000000 --- a/content/cve/CVE-2022-36282.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "CVE-2022-36282" -date: 2022-08-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "Search Exclude < 1.2.7 - Author+ Stored Cross-Site Scripting" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin <= 1.2.6 at WordPress. - -## Plugin Name -[Search Exclude](https://wordpress.org/plugins/search-exclude/) - -## Installation Number -60,000+ - -## Affected Version -<= 1.2.6 - -## Fixed Version -1.2.7 - -## Advisory Link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36282) - * [WPScan](https://wpscan.com/vulnerability/52841b21-493f-4e63-bcbf-528089955e4f) - * [Patchstack](https://patchstack.com/database/vulnerability/search-exclude/wordpress-search-exclude-plugin-1-2-6-authenticated-stored-cross-site-scripting-xss-vulnerability) diff --git a/content/cve/CVE-2022-36340.md b/content/cve/CVE-2022-36340.md deleted file mode 100644 index 339f3a2..0000000 --- a/content/cve/CVE-2022-36340.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-36340" -date: 2022-09-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress MailOptin plugin <= 1.2.49.0 - Unauthenticated Optin Campaign Cache Deletion" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Unauthenticated Optin Campaign Cache Deletion vulnerability in MailOptin plugin <= 1.2.49.0 at WordPress. - -## Plugin Name -[Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin](https://wordpress.org/plugins/mailoptin/) - -## Installation Number -30,000+ - -## Affected Version -<= 1.2.49.0 - -## Fixed Version -1.2.50.0 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36340) - * [Patchstack](https://patchstack.com/database/vulnerability/mailoptin/wordpress-mailoptin-plugin-1-2-49-0-unauthenticated-optin-campaign-cache-deletion-vulnerability) diff --git a/content/cve/CVE-2022-36346.md b/content/cve/CVE-2022-36346.md deleted file mode 100644 index 9299265..0000000 --- a/content/cve/CVE-2022-36346.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: "CVE-2022-36346" -date: 2022-08-22T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: false -comments: false -description: "MaxButtons < 9.3 - Arbitrary Settings Update via CSRF" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: true # to disable highlightjs -disableShare: false -disableHLJS: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Max Foundry MaxButtons plugin <= 9.2 at WordPress. - -## Plugin Name -[MaxButtons](https://wordpress.org/plugins/maxbuttons/) - -## Installation Number -100,000+ - -## Affected Version -<= 9.2 - -## Fixed Version -9.3 - -## Advisory Link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36346) - * [WPScan](https://wpscan.com/vulnerability/c1b448e0-430a-4f47-aded-77af8d291232) - * [Patchstack](https://patchstack.com/database/vulnerability/maxbuttons/wordpress-maxbuttons-plugins-9-2-multiple-cross-site-request-forgery-csrf-vulnerabilities) diff --git a/content/cve/CVE-2022-38095.md b/content/cve/CVE-2022-38095.md deleted file mode 100644 index 242c4d1..0000000 --- a/content/cve/CVE-2022-38095.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-38095" -date: 2022-09-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress. - -## Plugin Name -[Advanced Dynamic Pricing for WooCommerce](https://wordpress.org/plugins/advanced-dynamic-pricing-for-woocommerce/) - -## Installation Number -20,000+ - -## Affected Version -<= 4.1.3 - -## Fixed Version -4.1.4 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38095) - * [Patchstack](https://patchstack.com/database/vulnerability/advanced-dynamic-pricing-for-woocommerce/wordpress-advanced-dynamic-pricing-for-woocommerce-plugin-4-1-3-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-38134.md b/content/cve/CVE-2022-38134.md deleted file mode 100644 index 8ecccf2..0000000 --- a/content/cve/CVE-2022-38134.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-38134" -date: 2022-09-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. - -## Plugin Name -[Customer Reviews for WooCommerce](https://wordpress.org/plugins/customer-reviews-woocommerce/) - -## Installation Number -50,000+ - -## Affected Version -<= 5.3.5 - -## Fixed Version -5.3.6 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38134) - * [Patchstack](https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-authenticated-broken-access-control-vulnerability) diff --git a/content/cve/CVE-2022-38137.md b/content/cve/CVE-2022-38137.md deleted file mode 100644 index 0ce0832..0000000 --- a/content/cve/CVE-2022-38137.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-38137" -date: 2022-09-26T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -- - -## Plugin Name -[Analytify – Google Analytics Dashboard For WordPress](https://wordpress.org/plugins/wp-analytify/) - -## Installation Number -60,000+ - -## Affected Version -<= 4.2.2 - -## Fixed Version -4.2.3 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38137) - * [Patchstack](https://patchstack.com/database/vulnerability/wp-analytify/wordpress-analytify-plugin-4-2-2-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-38470.md b/content/cve/CVE-2022-38470.md deleted file mode 100644 index 3363adc..0000000 --- a/content/cve/CVE-2022-38470.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-38470" -date: 2022-09-22T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Cross-Site Request Forgery" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. - -## Plugin Name -[Customer Reviews for WooCommerce](https://wordpress.org/plugins/customer-reviews-woocommerce/) - -## Installation Number -50,000+ - -## Affected Version -<= 5.3.5 - -## Fixed Version -5.3.6 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38470) - * [Patchstack](https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-38704.md b/content/cve/CVE-2022-38704.md deleted file mode 100644 index f418d1d..0000000 --- a/content/cve/CVE-2022-38704.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-38704" -date: 2022-02-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress SEO Redirection plugin <= 8.9 - Cross-Site Request Forgery" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history. - -## Plugin Name -[SEO Redirection Plugin – 301 Redirect Manager](https://wordpress.org/plugins/seo-redirection) - -## Installation Number -30,000+ - -## Affected Version -<= 8.9 - -## Fixed Version -9.1 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38704) - * [Patchstack](https://patchstack.com/database/vulnerability/seo-redirection/wordpress-seo-redirection-plugin-8-9-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-40132.md b/content/cve/CVE-2022-40132.md deleted file mode 100644 index a0a1e8d..0000000 --- a/content/cve/CVE-2022-40132.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-40132" -date: 2022-09-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress Seriously Simple Podcasting plugin <= 2.16.0 - Cross-Site Request Forgery" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change. - -## Plugin Name -[Seriously Simple Podcasting](https://wordpress.org/plugins/seriously-simple-podcasting) - -## Installation Number -30,000+ - -## Affected Version -<= 2.16.0 - -## Fixed Version -2.16.1 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40132) - * [Patchstack](https://patchstack.com/database/vulnerability/seriously-simple-podcasting/wordpress-seriously-simple-podcasting-plugin-2-16-0-cross-site-request-forgery-csrf-vulnerability) diff --git a/content/cve/CVE-2022-40194.md b/content/cve/CVE-2022-40194.md deleted file mode 100644 index 377cc7a..0000000 --- a/content/cve/CVE-2022-40194.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: "CVE-2022-40194" -date: 2022-09-23T11:30:03+00:00 -# weight: 1 -# aliases: ["/first"] -tags: ["cve"] -author: "Muhammad Daffa" -# author: ["Me", "You"] # multiple authors -showToc: true -TocOpen: true -draft: false -hidemeta: true -comments: false -description: "WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure" -canonicalURL: "https://canonical.url/to/page" -disableHLJS: false # to disable highlightjs -disableShare: false -hideSummary: false -searchHidden: true -ShowReadingTime: false -ShowBreadCrumbs: true -ShowPostNavLinks: true -ShowWordCount: false -ShowRssButtonInSectionTermList: true -UseHugoToc: true -cover: - image: "" # image path/url - alt: "" # alt text - caption: "" # display caption under cover - relative: false # when using page bundles set this to true - hidden: true # only hide on current single page -# editPost: -# URL: "https://github.com//content" -# Text: "Suggest Changes" # edit text -# appendFilePath: true # to append file path to Edit link ---- -## Description -Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress - -## Plugin Name -[Customer Reviews for WooCommerce](https://wordpress.org/plugins/customer-reviews-woocommerce/) - -## Installation Number -50,000+ - -## Affected Version -<= 5.3.5 - -## Fixed Version -5.3.6 - -## Advisory link - * [MITRE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38134) - * [Patchstack](https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-sensitive-information-disclosure-vulnerability/) diff --git a/content/cve/_index.md b/content/cve/_index.md index 74c8c2d..7a9e6c2 100644 --- a/content/cve/_index.md +++ b/content/cve/_index.md @@ -1,6 +1,97 @@ --- +author: "Muhammad Daffa" title: "CVEs" -layout: "archives" -# url: "/archives" -summary: "List of all my CVEs" +date: "2019-03-09" +# description: "About Muhammad Daffa" +tags: ["profile"] +TocOpen: true +draft: false +hidemeta: true +comments: false +searchHidden: true +ShowBreadCrumbs: false +ShowRssButtonInSectionTermList: false --- + +These are some of the CVEs I obtained from conducting penetration testing. + +## CVEs + +- [CVE-2023-25989](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/meks-smart-social-widget/meks-smart-social-widget-16-cross-site-request-forgery-via-meks-remove-notification) +- [CVE-2022-47172](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woolentor-addons/woolentor-262-cross-site-request-forgery-via-process-data) +- [CVE-2022-47169](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/visibility-logic-elementor/visibility-logic-for-elementor-234-cross-site-request-forgery-via-toggle-option) +- [CVE-2023-23823](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/enhanced-text-widget/enhanced-text-widget-157-missing-authorization) +- [CVE-2022-45372](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-product-gallery-slider/product-gallery-slider-for-woocommerce-228-cross-site-request-forgery) +- [CVE-2022-33974](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/custom-twitter-feeds/custom-twitter-feeds-tweets-widget-184-cross-site-request-forgery) +- [CVE-2022-47174](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/performance-lab/performance-lab-220-cross-site-request-forgery-via-dismiss-wp-pointer) +- [CVE-2022-47136](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ninja-tables/ninja-tables-434-cross-site-request-forgery) +- [CVE-2022-47178](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/simple-share-buttons-adder/simple-share-buttons-adder-846-cross-site-request-forgery) +- [CVE-2022-47137](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ninja-tables/ninja-tables-434-authenticated-administrator-stored-cross-site-scripting-via-plugin-settings) +- [CVE-2022-45371](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/shopengine/shopengine-411-cross-site-request-forgery) +- [CVE-2022-33961](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yellow-pencil-visual-theme-customizer/yellowpencil-visual-css-style-editor-758-reflected-cross-site-scripting-livelink) +- [CVE-2022-32970](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/themify-portfolio-post/themify-portfolio-post-122-authenticated-editor-stored-cross-site-scripting) +- [CVE-2022-45367](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/custom-order-numbers-for-woocommerce/custom-order-numbers-for-woocommerce-140-cross-site-request-forgery) +- [CVE-2022-47149](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/pretty-link/shortlinks-by-pretty-links-340-cross-site-request-forgery-via-route) +- [CVE-2022-47161](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/health-check/health-check-troubleshooting-151-cross-site-request-forgery-via-health-check-troubleshoot-get-captures) +- [CVE-2023-28989](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/happy-elementor-addons/happy-addons-for-elementor-382-cross-site-request-forgery-via-handle-optin-optout) +- [CVE-2022-46793](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-product-feed-pro/product-feed-pro-for-woocommerce-1240-cross-site-request-forgery-via-update-project) +- [CVE-2022-46795](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-delivery-notes/print-invoice-delivery-notes-for-woocommerce-472-cross-site-request-forgery-via-ts-reset-tracking-setting) +- [CVE-2022-46794](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/weight-based-shipping-for-woocommerce/woocommerce-weight-based-shipping-541-cross-site-request-forgery-leading-to-plugin-settings-changes) +- [CVE-2023-27461](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/when-last-login/when-last-login-121-cross-site-request-forgery) +- [CVE-2023-26543](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-meteor/wp-meteor-page-speed-optimization-topping-314-cross-site-request-forgery-via-processajaxnoticedismiss) +- [CVE-2022-46851](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/astra-sites/starter-templates-elementor-wordpress-beaver-builder-templates-3120-cross-site-request-forgery-in-add-to-favorite) +- [CVE-2022-46853](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/the-post-grid/the-post-grid-shortcode-gutenberg-blocks-and-elementor-addon-for-post-grid-504-cross-site-request-forgery-in-rttpg-spare-me) +- [CVE-2022-46852](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-table-builder/wp-table-builder-wordpress-table-plugin-146-authenticated-admin-stored-cross-site-scripting) +- [CVE-2022-40198](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-wallet/terawallet-for-woocommerce-1324-cross-site-request-forgery-via-admin-options) +- [CVE-2022-47166](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/cf7-widget-elementor/void-contact-form-7-widget-for-elementor-page-builder-211-cross-site-request-forgery-in-void-cf7-opt-in-user-data-track) +- [CVE-2022-46855](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/dk-pricr-responsive-pricing-table/responsive-pricing-table-516-authenticated-contributor-stored-cross-site-scripting) +- [CVE-2022-46797](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/enhanced-e-commerce-for-woocommerce-store/all-in-one-google-analytics-pixels-and-product-feed-manager-for-woocommerce-523-cross-site-request-forgery) +- [CVE-2022-46796](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-multi-currency/curcy-2125-missing-authorization-to-currency-exchange-retrieval) +- [CVE-2022-46798](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woolentor-addons/shoplentor-251-cross-site-request-forgery-to-post-updates) +- [CVE-2022-46848](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/visualizer/visualizer-391-authenticatedcontributor-stored-cross-site-scripting) +- [CVE-2022-45068](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-mercadopago/mercado-pago-payments-for-woocommerce-631-cross-site-request-forgery) +- [CVE-2023-23711](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/a2-optimized-wp/a2-optimized-wp-304-cross-site-request-forgery) +- [CVE-2022-45376](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/side-cart-woocommerce/side-cart-woocommerce-ajax-21-cross-site-request-forgery) +- [CVE-2022-45076](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/flexible-elementor-panel/flexible-elementor-panel-238-cross-site-request-forgery) +- [CVE-2022-47148](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-pdf-invoices-packing-slips/woocommerce-pdf-invoices-packing-slips-325-cross-site-request-forgery) +- [CVE-2022-47170](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/unlimited-elements-for-elementor/unlimited-elements-for-elementor-free-widgets-addons-templates-1548-authenticated-admin-cross-site-scripting-xss) +- [CVE-2023-22700](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/pixelyoursite/pixelyoursite-930-cross-site-request-forgery) +- [CVE-2022-45067](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/exclusive-addons-for-elementor/exclusive-addons-for-elementor-261-cross-site-request-forgery) +- [CVE-2022-26366](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/adrotate/adrotate-banner-manager-59-cross-site-request-forgery) +- [CVE-2022-25952](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/content-egg/content-egg-540-cross-site-request-forgery) +- [CVE-2022-43481](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/advanced-coupons-for-woocommerce-free/advanced-coupons-for-woocommerce-coupons-45-cross-site-request-forgery) +- [CVE-2022-43463](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yikes-inc-easy-custom-woocommerce-product-tabs/custom-product-tabs-for-woocommerce-179-authenticated-administrator-stored-cross-site-scripting) +- [CVE-2022-36401](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-wallet/terawallet-for-woocommerce-1324-cross-site-request-forgery) +- [CVE-2022-43488](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/advanced-dynamic-pricing-for-woocommerce/advanced-dynamic-pricing-for-woocommerce-415-cross-site-request-forgery-2) +- [CVE-2022-40686](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/creative-mail-by-constant-contact/creative-mail-154-cross-site-request-forgery-to-plugin-deactivation) +- [CVE-2022-40687](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/creative-mail-by-constant-contact/creative-mail-154-cross-site-request-forgery-to-settings-disconnect) +- [CVE-2022-41805](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woocommerce-jetpack/booster-for-woocommerce-566-cross-site-request-forgery) +- [CVE-2022-34148](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/backup/backup-guard-169-authenticated-administrator-stored-cross-site-scripting) +- [CVE-2022-43491](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/advanced-dynamic-pricing-for-woocommerce/advanced-dynamic-pricing-for-woocommerce-415-cross-site-request-forgery) +- [CVE-2022-38137](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-analytify/analytify-google-analytics-dashboard-for-wordpress-422-cross-site-request-forgery) +- [CVE-2022-32776](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/advanced-ads/advanced-ads-ad-manager-adsense-1311-authenticated-administrator-stored-cross-site-scripting) +- [CVE-2022-34654](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/manage-notification-emails/manage-notification-e-mails-182-cross-site-request-forgery-to-plugin-options-update) +- [CVE-2022-32587](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-page-widget/wp-page-widget-39-cross-site-request-forgery) +- [CVE-2022-36340](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/mailoptin/mailoptin-12490-missing-authorization-to-cache-deletion) +- [CVE-2022-40132](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/seriously-simple-podcasting/seriously-simple-podcasting-2160-cross-site-request-forgery) +- [CVE-2022-38134](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/customer-reviews-woocommerce/customer-reviews-for-woocommerce-535-multiple-unprotected-ajax-actions) +- [CVE-2022-40194](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/customer-reviews-woocommerce/customer-reviews-for-woocommerce-535-sensitive-data-exposure) +- [CVE-2022-38470](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/customer-reviews-woocommerce/customer-reviews-for-woocommerce-535-cross-site-request-forgery) +- [CVE-2022-38095](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/advanced-dynamic-pricing-for-woocommerce/advanced-dynamic-pricing-for-woocommerce-413-cross-site-request-forgery-to-plugin-settings-update) +- [CVE-2022-33177](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/booking/booking-calendar-921-cross-site-request-forgery) +- [CVE-2022-38058](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-shamsi/wp-shamsi-411-missing-authorization-to-plugin-settings-update) +- [CVE-2022-36282](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/search-exclude/search-exclude-126-authenticated-editor-stored-cross-site-scripting) +- [CVE-2022-35726](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/yotuwp-easy-youtube-embed/video-gallery-youtube-playlist-channel-gallery-by-yotuwp-138-missing-authorization) +- [CVE-2022-38703](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/maxbuttons/maxbuttons-92-authenticated-administrator-stored-cross-site-scripting) +- [CVE-2022-34347](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/download-manager/download-manager-3248-cross-site-request-forgery-to-plugin-settings-update) +- [CVE-2022-36346](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/maxbuttons/wordpress-button-plugin-maxbuttons-92-cross-site-request-forgery) +- [CVE-2022-38704](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/seo-redirection/seo-redirection-plugin-301-redirect-manager-89-cross-site-request-forgery) +- [CVE-2022-33201](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/official-mailerlite-sign-up-forms/mailerlite-signup-forms-official-157-cross-site-request-forgery) +- [CVE-2022-27848](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/modern-events-calendar-lite/modern-events-calendar-lite-651-authenticated-admin-stored-cross-site-scripting) +- [CVE-2022-27844](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpvivid-backuprestore/migration-backup-staging-wpvivid-0970-authenticated-arbitrary-file-read) +- [CVE-2022-25618](https://www.wordfence.com/threat-intel/vulnerabilities/detail/wpdatatables-wordpress-tables-table-charts-plugin-2127-authenticated-admin-stored-cross-site-scripting) +- [CVE-2022-23983](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-content-copy-protection/wp-content-copy-protection-344-cross-site-request-forgery-to-setting-update) +- [CVE-2022-23984](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpdiscuz/comments-wpdiscuz-7311-sensitive-information-disclosure) +- [CVE-2021-24561](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-sms/wp-sms-5412-authenticated-stored-cross-site-scripting) +- [CVE-2021-24531](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/charitable/charitable-donation-plugin-1650-authenticated-stored-cross-site-scripting) +- [CVE-2021-24519](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/vikrentcar/vikrentcar-car-rental-management-system-1110-authenticated-admin-stored-cross-site-scripting) diff --git a/content/portfolio/_index.md b/content/portfolio/_index.md index adffa24..499dfef 100644 --- a/content/portfolio/_index.md +++ b/content/portfolio/_index.md @@ -21,41 +21,86 @@ The list below are some of the companies that recognize me as a bug hunter. Here - Hall of Fame at Sekolah Siber - Hall of Fame at wur.nl - Thanks list at HackerOne PlanetArt -- Thanks list at Private Program HackerOne +- Thanks list at HackerOne Valve - Certificate Appreciation from GeeksforGeeks -**[Click here](https://daffa.info/achievements/)** to see the full list +**[Click here](https://daffa.info/bug-hunting/)** to see the full list + ## CVEs Here is a list of CVEs that I got, most of them came from vulnerabilities in wordpress. I have a target which is to have **100++ CVEs**. -- [CVE-2022-40194](https://daffa.info/cve/cve-2022-40194/) (WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure) -- [CVE-2022-40132](https://daffa.info/cve/cve-2022-40132/) (WordPress Seriously Simple Podcasting plugin <= 2.16.0 - CSRF) -- [CVE-2022-38704](https://daffa.info/cve/cve-2022-38704/) (WordPress SEO Redirection plugin <= 8.9 - CSRF) -- [CVE-2022-38470](https://daffa.info/cve/cve-2022-38470/) (WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - CSRF) -- [CVE-2022-38095](https://daffa.info/cve/cve-2022-38095/) (WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - CSRF) +- [CVE-2023-25989](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/meks-smart-social-widget/meks-smart-social-widget-16-cross-site-request-forgery-via-meks-remove-notification) +- [CVE-2022-47172](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woolentor-addons/woolentor-262-cross-site-request-forgery-via-process-data) +- [CVE-2022-47169](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/visibility-logic-elementor/visibility-logic-for-elementor-234-cross-site-request-forgery-via-toggle-option) +- [CVE-2023-23823](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/enhanced-text-widget/enhanced-text-widget-157-missing-authorization) +- [CVE-2022-45372](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/woo-product-gallery-slider/product-gallery-slider-for-woocommerce-228-cross-site-request-forgery) -Total CVEs: **19** +Total CVEs: **89** **[Click here](https://daffa.info/cve/)** to see the full list -## GitHub Projects +## Capture The Flag -These are my github projects which have lots of stars and forks +I started to do CTF again in 2023, and this is a list of wins we have achieved while participating in several CTF competitions +### CTF Competitions + +| Event Name | Team | Ranking | +| ---------- | ---- | ------- | +| DeconstruCT.F 2023 | aseng_fans_club | 1 | +| The Odyssey CTF | aseng_fans_club | 1 | +| BDSec CTF 2023 | HCS | 1 | +| 0xLaugh CTF 2023 | TCP1P | 2 | + +### Writeup Competitions + +| Event Name | Team | +| ---------- | ---- | +| UIUCTF 2023 | TCP1P | + +## Open Source Projects + +Here are my open source projects related to cybersecurity that I have created and pushed to GitHub. + +### Maintained Projects + +#### Notes - [AllAboutBugBounty](https://github.com/daffainfo/AllAboutBugBounty) - [all-about-apikey](https://github.com/daffainfo/all-about-apikey) -- [Key-Checker](https://github.com/daffainfo/Key-Checker) - [match-replace-burp](https://github.com/daffainfo/match-replace-burp) +- [Oneliner-Bugbounty](https://github.com/daffainfo/Oneliner-Bugbounty) + +#### CTF +- [ctf-writeup](https://github.com/daffainfo/ctf-writeup) + +#### Blue Team +- [malpacks](https://github.com/daffainfo/malpacks) +- [suricata-rules](https://github.com/daffainfo/suricata-rules) + +#### Labs +- [vulnerable-web](https://github.com/daffainfo/vulnerable-web) +- [vulnlabs](https://github.com/daffainfo/vulnlabs) + +#### Tools +- [bypass-403](https://github.com/daffainfo/bypass-403) +- [bash-bounty](https://github.com/daffainfo/bash-bounty) +- [apiguesser](https://github.com/daffainfo/apiguesser) +- [apiguesser](https://github.com/daffainfo/apiguesser-web) +- [mailspoof](https://github.com/daffainfo/mailspoof) + +### Abandoned Projects - [Git-Secret](https://github.com/daffainfo/Git-Secret) -- [Bug-Bounty-Tools](https://github.com/daffainfo/Bug-Bounty-Tools) +- [Key-Checker](https://github.com/daffainfo/Key-Checker) **[Click here](https://github.com/daffainfo?tab=repositories)** to check some of my repositories + ## Certifications +- eLearnSecurity Web Application Penetration Tester eXtreme (eWPTXv2) - eLearnSecurity Junior Penetration Tester (eJPT) +- Certified AppSec Practitioner +- Certfied Network Security Practicioner - Certified Secure Computer User (C/SCU) -- Fortinet Network Security Expert Level 1: Certified Associate (NSE 1) -- Fortinet Network Security Expert Level 2: Certified Associate (NSE 2) ## Misc diff --git a/content/search.md b/content/search.md deleted file mode 100644 index 9da8567..0000000 --- a/content/search.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: "Search" -layout: "search" ---- diff --git a/public/404.html b/public/404.html index 5ea10e7..8ffc46d 100644 --- a/public/404.html +++ b/public/404.html @@ -1,4 +1,4 @@ -404 Page not found | Muhammad Daffa
404