CVE-2023-5672
published 2023-12-26CVE-2023-5672: The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion…
PriorityP339medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.71%
48.8th percentile
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 3.9.0 < 4.19.283 | 4.19.283 |
| linux | linux_kernel | >= 4.20.0 < 5.4.243 | 5.4.243 |
| linux | linux_kernel | >= 5.11.0 < 5.15.111 | 5.15.111 |
| linux | linux_kernel | >= 5.16.0 < 6.1.28 | 6.1.28 |
| linux | linux_kernel | >= 5.5.0 < 5.10.180 | 5.10.180 |
| linux | linux_kernel | >= 6.2.0 < 6.2.15 | 6.2.15 |
| linux | linux_kernel | >= 6.3.0 < 6.3.2 | 6.3.2 |
| msrc | microsoft_edge | — | — |
| wpvibes | wp_mail_log | < 1.1.3 | 1.1.3 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
vendor_msrc4.7MEDIUM
vendor_redhat4.7LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
vmci_host: fix a race condition in vmci_host_poll() causing GPF
osv·2025-12-24
CVE-2023-54007 vmci_host: fix a race condition in vmci_host_poll() causing GPF
vmci_host: fix a race condition in vmci_host_poll() causing GPF
In the Linux kernel, the following vulnerability has been resolved:
vmci_host: fix a race condition in vmci_host_poll() causing GPF
During fuzzing, a general protection fault is observed in
vmci_host_poll().
general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf]
RIP: 0010:__lock_acquire+0xf3/0x5e00 kernel/locking/lockdep.c:4926
Call Trace:
lock_acquire+0x1a4/0x4a0 kernel/locking/lockdep.c:5672
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xb3/0x100 kernel/locking/spinlock.c:162
add_wait_queue+0x3d/0x260 kernel/sched/wait.c:22
poll_wait include/linux/p
GHSA
GHSA-pq3w-qg2x-wx83: The WP Mail Log WordPress plugin before 1
ghsa_unreviewed·2023-12-26
CVE-2023-5672 [MEDIUM] CWE-22 GHSA-pq3w-qg2x-wx83: The WP Mail Log WordPress plugin before 1
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file path parameters when attaching files to emails, leading to local file inclusion, and allowing an attacker to leak the contents of arbitrary files.
Microsoft
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
vendor_msrc·2023-05-09·CVSS 4.7
CVE-2023-29354 [MEDIUM] Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
FAQ: What is the version information for this release?
Microsoft Edge Channel
Microsoft Edge Version
Based on Chromium Version
Date Released
Stable
113.0.1774.35
113.0.5672.63/.64
5/5/2023
Extended Stable
112.0.1722.71
112.0.5615.179
5/4/2023
FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.
FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of Integrity (I:L)? What does that mean for this vulnerability?
Attacker is able to bypass Content Security Policy (CSP) and Pop-up blocker this this vulnerability,
No detection rules found.
Bugzilla
CVE-2023-54007 kernel: vmci_host: fix a race condition in vmci_host_poll() causing GPF
bugzilla·2025-12-24
CVE-2023-54007 [LOW] CVE-2023-54007 kernel: vmci_host: fix a race condition in vmci_host_poll() causing GPF
CVE-2023-54007 kernel: vmci_host: fix a race condition in vmci_host_poll() causing GPF
In the Linux kernel, the following vulnerability has been resolved:
vmci_host: fix a race condition in vmci_host_poll() causing GPF
During fuzzing, a general protection fault is observed in
vmci_host_poll().
general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf]
RIP: 0010:__lock_acquire+0xf3/0x5e00 kernel/locking/lockdep.c:4926
Call Trace:
lock_acquire+0x1a4/0x4a0 kernel/locking/lockdep.c:5672
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xb3/0x100 kernel/locking/spinlock.c:162
add_wait_queue+0x3d/0x260 kernel/sched/wait.c:22
po
CTF
FesseMisk / README
ctf_writeups·2024·CVSS 10.0
[CRITICAL] FesseMisk / README
# Prime Time (User)
## Description
Cisco Prime Infrastructure is a network management tool for managing network infrastructure. This server is a partial version, containing key components and files for testing, and can be exploited similarly to the full version.
## Solution
Given an IP, we run `nmap -T5 -p- IP` to scan the box. The scan reveals several open ports:
- Port 22: OpenSSH
- Port 1883: MQTT broker
- Port 5672: AMQP service
- Port 8161: HTTP (Jetty 9.2.22, "Apache ActiveMQ" title)
- Port 46655: tcpwrapped
- Port 61613: STOMP protocol
- Port 61614: HTTP (Jetty 9.2.22, supports risky methods)
- Port 61616: Apache ActiveMQ (version 5.15.3)
A quick search for exploits on "Jetty 9.2.22 RCE" and "ActiveMQ 5.15.3 RCE" led to this ActiveMQ exploit: [CVE-2023-46604-ActiveMQ-RCE-pseudo
2023-12-26
Published