Cross-Site Scripting in Calendar WordPress Plugin
Home » Cross-Site Scripting in Calendar WordPress Plugin
Cross-Site Scripting in Calendar WordPress Plugin
Condividi
RSS
Piu’ articoli…
- Unificare la piattaforma per la threat detection
- L’importanza del monitoring ICT
- I benefici SOAR: semplificare indagine e risposta
- Security Code Review: come funziona il servizio
- Automated Response Integration: le automazioni nel SOCaaS
- Coordinazione tra CTI e SOC: come alzare ulteriormente le difese
- Novità Cloud Server: internet ridondata
- Certificato di qualità per il SOCaaS di SOD
Categorie …
- Backup as a Service (24)
- Acronis Cloud Backup (18)
- Veeam Cloud Connect (3)
- Cloud CRM (1)
- Cloud Server/VPS (23)
- Conferenza Cloud (4)
- Log Management (2)
- Monitoraggio ICT (4)
- Novita' (15)
- ownCloud (7)
- Privacy (8)
- Secure Online Desktop (15)
- Security (157)
- Cyber Threat Intelligence (CTI) (5)
- Ethical Phishing (8)
- SOCaaS (49)
- Vulnerabilita' (84)
- Web Hosting (15)
Tags
CSIRT
- PoC pubblico per lo sfruttamento della CVE-2022-22972 per prodotti VMWare
(AL03/220527/CSIRT-ITA) Maggio 27, 2022Rilasciato un Proof of Concept (PoC) per la vulnerabilità CVE-2022-22972 che interessa alcuni prodotti VMWare.
- Aggiornamenti per prodotti Zyxel
(AL02/220527/CSIRT-ITA) Maggio 27, 2022Zyxel rilascia aggiornamenti di sicurezza per sanare vulnerabilità, di cui una con gravità “alta”, nei propri Firewall, Access Point e controller Access Point.
- Aggiornamenti DRUPAL
(AL01/220527/CSIRT-ITA) Maggio 27, 2022Aggiornamenti di sicurezza risolvono una vulnerabilità in Drupal Core.
- Aggiornamenti per prodotti Citrix
(AL02/220525/CSIRT-ITA) Maggio 25, 2022Risolte 2 vulnerabilità presenti nei prodotti Citrix ADC e Citrix Gateway che, qualora sfruttate, potrebbero consentire a un utente malintenzionato la compromissione della disponibilità del servizio.
- Nuova versione di Google Chrome
(AL01/220525/CSIRT-ITA) Maggio 25, 2022Nuovo aggiornamento di Google Chrome per Windows, Mac e Linux corregge 32 vulnerabilità di sicurezza, di cui 1 con gravità “critica” e 8 con gravità “alta”.
- Aggiornamenti per CISCO IOS XR
(AL02/220523/CSIRT-ITA) Maggio 23, 2022Aggiornamenti di sicurezza Cisco sanano una vulnerabilità nel prodotto IOS XR.
- Aggiornamenti di sicurezza per prodotti Mozilla
(AL01/220523/CSIRT-ITA) Maggio 23, 2022Mozilla ha rilasciato aggiornamenti di sicurezza per sanare 2 vulnerabilità con gravità “critica” nei prodotti Firefox, Firefox ESR, Firefox per Android e Thunderbird.
- La Settimana Cibernetica del 22 maggio 2022 Maggio 23, 2022Scarica il riepilogo delle notizie pubblicate dallo CSIRT Italia dal 16 al 22 maggio 2022
- ATTACCHI DDoS - Tipologie e azioni di mitigazione
(BL01/220520/CSIRT-ITA) Maggio 20, 2022L’Agenzia per la Cybersicurezza Nazionale continua a monitorare con la massima attenzione le minacce cibernetiche nei confronti del Paese, con particolare riguardo al fenomeno degli attacchi DDOS che dalla tarda serata di ieri interessano alcuni siti web di Pubbliche Amministrazioni e Soggetti privati. Rispetto a quanto già comunicato nell’alert, diramato in data 13 maggio , […]
- Attività malevole verso dispositivi VMWare
(BL01/220519/CSIRT-ITA) Maggio 19, 2022La Cybersecurity and Infrastructure Security Agency (CISA) ha recentemente pubblicato un Cybersecurity Advisory (CSA) per allertare le organizzazioni di possibili attività malevole volte a sfruttare vulnerabilità note che interessano i prodotti VMWare.
Dark Reading
- ChromeLoader Malware Hijacks Browsers With ISO Files Maggio 27, 2022The malware’s abuse of PowerShell makes it more dangerous, allowing for more advanced attacks such as ransomware, fileless malware, and malicious code memory injections.
- Physical Security Teams' Impact Is Far-Reaching Maggio 27, 2022Here's how physical security teams can integrate with the business to identify better solutions to security problems.
- Taking the Danger Out of IT/OT Convergence Maggio 27, 2022The Colonial Pipeline attack highlighted the risks of convergence. Unified security provides a safer way to proceed.
- Microsoft Unveils Dev Box, a Workstation-as-a-Service Maggio 26, 2022Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.
- Broadcom Snaps Up VMware in $61B Deal Maggio 26, 2022Massive merger will put Broadcom's Symantec and VMware's Carbon Black under one roof.
- Lacework Announces Layoffs, Restructuring Maggio 26, 2022The cloud-security company blames "seismic" market shifts for shakeup.
- Third-Party Scripts on Websites Present a 'Broad & Open' Attack Vector Maggio 26, 2022Nearly half of the world's largest websites use externally generated JavaScript that makes them ripe targets for cyberattackers interested in stealing data, skimming credit cards, and executing other malicious actions.
- Twitter Fined $150M for Security Data Misuse Maggio 26, 2022Twitter is charged with using emails and phone numbers ostensibly collected for account security to sell targeted ads.
- The FDA's New Cybersecurity Guidance for Medical Devices Reminds Us That Safety & Security Go Hand in Hand Maggio 26, 2022The new draft guidance on premarket submissions incorporates quality system regulations and doubles down on a life-cycle approach to product security.
- VMware, Airline Targeted as Ransomware Chaos Reigns Maggio 26, 2022Global ransomware incidents target everything from enterprise servers to grounding an airline, with one India-based group even taking a Robin Hood approach to extortion with the "GoodWill" strain.
Full Disclosure
- Disclosing Vulnerability of CLink Office 2.0 Maggio 23, 2022Posted by chan chan on May 23Dear Sir/Madam, I would like to submit a vulnerability found on CLink Office 2.0. I had contacted the vendor 60 days before but in vain. # Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console # Date: 30 Mar 2022 # Exploit Author: […]
- [tool] tplink backup decryptor. Maggio 23, 2022Posted by retset on May 23Yet another "tool" to decrypt a backup configs for some tplink wifi routers. Only tested on latest fw for "Archer C7". I hope that it will be useful for someone. https://github.com/ret5et/tplink_backup_decrypt_2022.bin
- SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP® Application Server, ABAP and ABAP® Platform (Different Software Components) Maggio 18, 2022Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 18SEC Consult Vulnerability Lab Security Advisory < 20220518-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: SAP® Application Server ABAP and ABAP® Platform (Different Software Components) vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security notes...
- PHPIPAM 1.4.4 - CVE-2021-46426 Maggio 18, 2022Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-03/2022 ]========================== PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents ]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability […]
- LiquidFiles - 3.4.15 - Stored XSS - CVE-2021-30140 Maggio 18, 2022Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-12/2021 ]========================== LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability...
- Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! Maggio 18, 2022Posted by malvuln on May 18Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! https://www.youtube.com/watch?v=eg3l8a_HSSU
- github.com/malvuln/RansomDLLs / Catalog of current DLLs affecting vulnerable Ransomware strains. Maggio 18, 2022Posted by malvuln on May 18Reference list for my Ransomware exploitation research. Lists current DLLs I have seen to date that some ransomware search for, which I have used successfully to hijack and intercept vulnerable strains executing arbitrary code pre-encryption. https://github.com/malvuln/RansomDLLs
- APPLE-SA-2022-05-16-2 macOS Monterey 12.4 Maggio 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-2 macOS Monterey 12.4 macOS Monterey 12.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213257. AMD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed […]
- APPLE-SA-2022-05-16-6 tvOS 15.5 Maggio 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-6 tvOS 15.5 tvOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213254. AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel […]
- APPLE-SA-2022-05-16-5 watchOS 8.6 Maggio 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-5 watchOS 8.6 watchOS 8.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213253. AppleAVD Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free […]
Customers
Twitter FEED
Recent activity
-
SecureOnlineDesktop
Security Awareness, la sicurezza aziendale parte dai dipendenti. L'ingegneria sociale fa spesso leva sull'ignoranza… https://t.co/nGAs70Ofn5
-
SecureOnlineDesktop
Torna all'inizio Scopri i nostri servizi di Cyber SecurityTroverai sicuramente quello che fa al caso tuo Se vuoi m… https://t.co/Emm5kUfFc4
-
SecureOnlineDesktop
Estimated reading time: 6 minutes Today we see one of the latest additions to our SOCaaS, the Autonomous Threat… https://t.co/QNvHnKbEqq
-
SecureOnlineDesktop
Estimated reading time: 6 minutes The Security Code Review (SCR) service is increasingly used by companies l… https://t.co/rJmYXr1oCj
-
SecureOnlineDesktop
Estimated reading time: 6 minutes Il servizio di Security Code Review (SCR) è sempre più utilizzato dalle aziende… https://t.co/g2ho2C8FYh
Newsletter
Prodotti e Soluzioni
- Cloud Server
- Conferenza Cloud
- Web Hosting
- Cloud CRM
- Consulenza ICT | Outsourcing
- ownCloud
- BaaS | Cloud Backup
- Log Management
- Servizio di monitoraggio ICT
- Next Generation SIEM
- Phishing Etico
- VPN Aziendali
- Progetti ICT
- Consulenze
- Vulnerability Assessment & Penetration Test
- Progetti Web
- Privacy | GDPR
- SOC as a Service
News
- Unificare la piattaforma per la threat detection Maggio 23, 2022
- L’importanza del monitoring ICT Maggio 11, 2022
- I benefici SOAR: semplificare indagine e risposta Aprile 18, 2022
- Security Code Review: come funziona il servizio Aprile 13, 2022
- Automated Response Integration: le automazioni nel SOCaaS Aprile 11, 2022
Recensioni Google























Copyright © 2011 Secure Online Desktop s.r.l. All Rights Reserved.
VAT: 07485920966 “Cloud Computing services - Software cloud - Cloud server - VPS” Terms of ServicePrivacy Policy
ISO Certifications