CVE-2024-2848
published 2024-03-29
CVE-2024-2848: The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_footer_text_callback…
Priority: P2 · 78 · high · 7.5 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:H / A:N
ITW · VulnCheck KEV
Exploited in the wild
EPSS: 0.66% (46.8th percentile)
The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_footer_text_callback function in all versions up to, and including, 5.0.2. This makes it possible for unauthenticated attackers to inject arbitrary HTML content into the site's footer.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cyberchimps | responsive | <= 5.0.2 | — |
| github.com | dexidp_dex | >= 0 < 0.0.0-20240125115555-5bbdb4420254 | 0.0.0-20240125115555-5bbdb4420254 |
| github.com | dexidp_dex | >= 2.37.0 < 2.38.0 | 2.38.0 |
CVSS provenance
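| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| vulncheck | — | 7.5 | HIGH | — |
| vendor_redhat | — | 5.5 | MEDIUM | — |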
GHSA
GHSA-8vpf-jx6q-39fr: The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_footer_text_callba
ghsa_unreviewed·2024-03-29
CVE-2024-2848 [HIGH] CWE-862 GHSA-8vpf-jx6q-39fr: The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_footer_text_callba
The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_footer_text_callback function in all versions up to, and including, 5.0.2. This makes it possible for unauthenticated attackers to inject arbitrary HTML content into the site's footer.
GHSA
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers
ghsa·2024-01-26
CVE-2024-23656 [HIGH] CWE-326 Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers
### Summary
Dex 2.37.0 is serving HTTPS with insecure TLS 1.0 and TLS 1.1.
### Details
While working on https://github.com/dexidp/dex/issues/2848 and implementing configurable TLS support, I noticed my changes did not have any effect in TLS config, so I started investigating.
https://github.com/dexidp/dex/blob/70d7a2c7c1bb2646b1a540e49616cbc39622fb83/cmd/dex/serve.go#L425 is seemingly setting TLS 1.2 as minimum version, but the whole tlsConfig is ignored after "TLS cert reloader" was introduced in https://github.com/dexidp/dex/pull/2964. Configured cipher suites are not respected either, as seen on the output.
### PoC
Build Dex, generate certs with `gencert.sh`, modify `config.dev.yaml` to run on h
VulnCheck
Responsive theme for WordPress save_footer_text_callback Vulnerability
vulncheck·2024·CVSS 7.5
CVE-2024-2848 [HIGH] Responsive theme for WordPress save_footer_text_callback Vulnerability
The Responsive theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_footer_text_callback function in all versions up to, and including, 5.0.2. This makes it possible for unauthenticated attackers to inject arbitrary HTML content into the site's footer.
Affected: CyberChimps Responsive theme for WordPress
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://patchstack.com/database/vulnerability/responsive/wordpress-responsive-theme-5-0-2-missing-authorization-to-hmtl-injection-vulnerability
Red Hat
kernel: sched/deadline: Fix warning in migrate_enable for boosted tasks
vendor_redhat·2024-12-27·CVSS 5.5
CVE-2024-56583 [MEDIUM] kernel: sched/deadline: Fix warning in migrate_enable for boosted tasks
In the Linux kernel, the following vulnerability has been resolved:
sched/deadline: Fix warning in migrate_enable for boosted tasks
When running the following command:
```
while true; do
    stress-ng --cyclic 30 --timeout 30s --minimize --quiet
done
```
a warning is eventually triggered:
```
WARNING: CPU: 43 PID: 2848 at kernel/sched/deadline.c:794
setup_new_dl_entity+0x13e/0x180
...
Call Trace:
 ? show_trace_log_lvl+0x1c4/0x2df
 ? enqueue_dl_entity+0x631/0x6e0
 ? setup_new_dl_entity+0x13e/0x180
 ? __warn+0x7e/0xd0
 ? report_bug+0x11a/0x1a0
 ? handle_bug+0x3c/0x70
 ? exc_invalid_op+0x14/0x70
 ? asm_exc_invalid_op+0x16/0x20
 enqueue_dl_entity+0x631/0x6e0
 enqueue_task_dl+0x7d/0x120
 __do_set_cpus_allowed+0xe3/0x280
 __set_cpus_allowed_ptr_locke
```
No detection rules found.
No public exploits indexed.
https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=222494%40responsive&new=222494%40responsive&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/dbe0cc57-a17d-4f91-887f-fe819b32f6b3?source=cve
http://www.openwall.com/lists/oss-security/2024/04/22/1
Published: 2024-03-29
Exploited in the wild