CVE-2024-5061
published 2024-08-30CVE-2024-5061: The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in…
PriorityP423medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
0.25%
16.2th percentile
The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kriesi | enfold | <= 6.0.3 | — |
| kriesi | enfold_responsive_multi-purpose_theme | <= 6.0.3 | — |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-52j9-r8mv-933c: The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' param
ghsa_unreviewed·2024-08-30
CVE-2024-5061 [MEDIUM] CWE-79 GHSA-52j9-r8mv-933c: The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' param
The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Red Hat
kernel: jfs: fix null ptr deref in dtInsertEntry
vendor_redhat·2024-08-26·CVSS 5.5
CVE-2024-44939 [MEDIUM] CWE-476 kernel: jfs: fix null ptr deref in dtInsertEntry
kernel: jfs: fix null ptr deref in dtInsertEntry
In the Linux kernel, the following vulnerability has been resolved:
jfs: fix null ptr deref in dtInsertEntry
[syzbot reported]
general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 0 PID: 5061 Comm: syz-executor404 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
RIP: 0010:dtInsertEntry+0xd0c/0x1780 fs/jfs/jfs_dtree.c:3713
...
[Analyze]
In dtInsertEntry(), when the pointer h has the same value as p, after writing
name in UniStrncpy_to_le(), p->header.flag will be cleared. This will cause the
previously true judgment "
Suricata
ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204)
suricata·2015-03-11·CVSS 4.3
CVE-2015-0204 [MEDIUM] ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204)
ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204)
Rule: alert tcp any [21,25,110,143,443,465,587,636,989:995,5061,5222] -> $HOME_NET any (msg:"ET EXPLOIT FREAK Weak Export Suite From Server (CVE-2015-0204)"; flow:established,to_client; content:"|16 03|"; depth:2; byte_test:1,<,4,0,relative; content:"|02|"; distance:3; within:1; byte_jump:1,37,relative; content:"|00 19|"; within:2; fast_pattern; threshold:type limit,track by_dst,count 1,seconds 1200; reference:url,blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html; reference:cve,2015-0204; reference:cve,2015-1637; classtype:bad-unknown; sid:2020661; rev:4; metadata:created_at 2015_03_11, cve CVE_2015_0204, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_
Suricata
ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy
suricata·2014-09-27·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy
ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy
Rule: alert tcp any any -> $HOME_NET [5060,5061] (msg:"ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy"; flow:established,to_server; content:"|28 29 20 7b|"; fast_pattern; reference:url,github.com/zaf/sipshock; classtype:attempted-admin; sid:2019290; rev:4; metadata:created_at 2014_09_27, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_03_06;)
No public exploits indexed.
No writeups or analysis indexed.
2024-08-30
Published