CVE-2024-1337
published 2024-02-29CVE-2024-1337: The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderPageData'…
PriorityP423medium4.3CVSS 3.1
AVNACLPRLUINSUCNILAN
EPSS
0.34%
26.2th percentile
The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderPageData' function in all versions up to, and including, 4.1. This makes it possible for authenticated attackers, with subscriber access and above, to inject arbitrary content into pages.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sktthemes | skt_templates | < 4.2 | 4.2 |
| sonalsinha21 | skt_page_builder | <= 4.1 | — |
| strapi | admin | >= 0 < 4.25.2 | 4.25.2 |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
vendor_redhat6.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Strapi allows Server-Side Request Forgery in Webhook function
ghsa·2025-05-27
CVE-2024-52588 [MEDIUM] CWE-918 Strapi allows Server-Side Request Forgery in Webhook function
Strapi allows Server-Side Request Forgery in Webhook function
## Description
In Strapi latest version, at function Settings -> Webhooks, the application allows us to input a URL in order to create a Webook connection. However, we can input into this field the local domains such as `localhost`, `127.0.0.1`, `0.0.0.0`,.... in order to make the Application fetching into the internal itself, which causes the vulnerability `Server - Side Request Forgery (SSRF)`.
## Payloads
- `http://127.0.0.1:80` -> `The Port is not open`
- `http://127.0.0.1:1337` -> `The Port which Strapi is running on`
## Steps to Reproduce
- First of all, let's input the URL `http://127.0.0.1:80` into the `URL` field, and click "Save".
- Next, use the "Trigger" function and use Burp Suite to capture the request / res
GHSA
GHSA-g6xm-gh7w-3jh2: The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderP
ghsa_unreviewed·2024-02-29
CVE-2024-1337 [MEDIUM] CWE-862 GHSA-g6xm-gh7w-3jh2: The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderP
The SKT Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'saveSktbuilderPageData' function in all versions up to, and including, 4.1. This makes it possible for authenticated attackers, with subscriber access and above, to inject arbitrary content into pages.
Red Hat
rubygem-actionmailer: Possible ReDoS vulnerability in block_format in Action Mailer
vendor_redhat·2024-10-15·CVSS 6.6
CVE-2024-47889 [MEDIUM] CWE-1337 rubygem-actionmailer: Possible ReDoS vulnerability in block_format in Action Mailer
rubygem-actionmailer: Possible ReDoS vulnerability in block_format in Action Mailer
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the block_format helper in Action Mailer. Carefully crafted text can cause the block_format helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling the `block_format` helper or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are unaf
Red Hat
rubygem-actionpack: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
vendor_redhat·2024-10-15·CVSS 6.6
CVE-2024-47887 [MEDIUM] CWE-1337 rubygem-actionpack: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
rubygem-actionpack: Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in Action Controller's HTTP Token authentication. For applications using HTTP Token authentication via `authenticate_or_request_with_http_token` or similar, a carefully crafted header may cause header parsing to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. One may choose to use Ruby 3.2 as a workaround.Ruby 3.2 has
Red Hat
rubygem-actiontext: Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
vendor_redhat·2024-10-15·CVSS 6.6
CVE-2024-47888 [MEDIUM] CWE-1337 rubygem-actiontext: Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
rubygem-actiontext: Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the `plain_text_for_blockquote_node helper` in Action Text. Carefully crafted text can cause the `plain_text_for_blockquote_node` helper to take an unexpected amount of time, possibly resulting in a DoS vulnerability. All users running an affected release should either upgrade to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, or 7.2.1.1 or apply the relevant patch immediately. As a workaround, users can avoid calling `plain_text_for_blockquote_node` or upgrade to Ruby 3.2. Ruby 3.2 has mitigations for this problem, s
Suricata
GPL SMTP EXPN overflow attempt
suricata·2010-09-23
CVE-2002-1337 GPL SMTP EXPN overflow attempt
GPL SMTP EXPN overflow attempt
Rule: alert tcp $EXTERNAL_NET any -> $SMTP_SERVERS 25 (msg:"GPL SMTP EXPN overflow attempt"; flow:established,to_server; content:"EXPN"; nocase; isdataat:255,relative; content:!"|0a|"; within:255; pcre:"/^EXPN[^\n]{255}/smi"; reference:bugtraq,6991; reference:bugtraq,7230; reference:cve,2002-1337; reference:cve,2003-0161; classtype:attempted-admin; sid:2102259; rev:10; metadata:created_at 2010_09_23, cve CVE_2002_1337, confidence Medium, signature_severity Major, updated_at 2024_03_08;)
No writeups or analysis indexed.
https://plugins.trac.wordpress.org/changeset/3034383/https://www.wordfence.com/threat-intel/vulnerabilities/id/3164b96f-d876-4cbc-bddf-51e9d9becee6?source=cvehttps://plugins.trac.wordpress.org/changeset/3034383/https://www.wordfence.com/threat-intel/vulnerabilities/id/3164b96f-d876-4cbc-bddf-51e9d9becee6?source=cve
2024-02-29
Published