AppCheck Security Blog

Umbraco ApplicationURL Overwrite & Persistent Password Reset Poison (CVE-2022-22690 & CVE-2022-22691)

Read more

Apache Log4j 2 Vulnerability (CVE-2021-44228)

A remote code execution vulnerability (CVE-2021-44228) affects multiple versions of the Apache Log4j 2 library.

Read more

Security Advisory: Duplicate Post WordPress Plugin SQL Injection Vulnerability (CVE-2021-43408)

The AppCheck Research team identified a security flaw within the “Duplicate Post” WordPress plugin. The plugin has been downloaded 155,421 times at the time of writing. This blog post details the finding along with remediation advice.

Read more

WordPress + Microsoft Office 365 / Azure AD | LOGIN Persistent Cross-Site Scripting (CVE-2021-43409)

The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).

Read more

Apache 2.4.50 (CVE-2021-42013) & 2.4.49 (CVE-2021-41773) Remote Code Execution / Path Traversal Vulnerability

A previous version of this article recommended updating to 2.4.50 to address the vulnerability in 2.4.49; however, the fix in 2.4.50 has now been shown to be incomplete, so it is recommended to update to 2.4.51.

Read more

Security Advisory: Persistent XSS via Avatar Upload in Kentico CMS (CVE-2021-43991)

The Kentico CMS (Xperience platform version 13.0.4001.0 was tested locally) is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).

Read more

Umbraco Forms File Upload Vulnerability: Technical Analysis (CVE-2021-37334)

On the 15th of July 2021 Umbraco and AppCheck released a Security Advisory to alert users of a vulnerability within the Umbraco Forms component that could be exploited to gain remote code execution on the affected system.

Read more

Advisory: CVE-2020-29045 - Unauthenticated RCE via Arbitrary Object Deserialisation in Five Star Restaurant Menu - WordPress Ordering Plugin

It is possible to gain Unauthenticated Remote Code Execution (RCE) on any WordPress instance that is using this plugin, due to the unsafe use of unserialize() on unsanitised user input taken from the fdm_cart cookie in includes/class-cart-manager.php.
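As an added illustration of the bug class (this is not the plugin's code and is not part of the original advisory), the vulnerable pattern is shown beside two hardened forms in PHP. The cookie name fdm_cart comes from the advisory; the function names, the DemoGadget class and the demo secret are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Constructed illustration: a cart kept in a client-controlled cookie and restored
// with unserialize(). Function names, DemoGadget and the secret are assumptions.

// Harmless stand-in for a gadget: any loaded class with a magic method such as
// __wakeup() or __destruct() runs code the moment unserialize() rebuilds it.
class DemoGadget
{
    public string $note = '';

    public function __wakeup(): void
    {
        echo "__wakeup() ran with attacker data: {$this->note}\n";
    }
}

// Vulnerable pattern: the attacker chooses the class and property values of every
// object in the graph, without ever needing to ship the class itself.
function load_cart_vulnerable(array $cookies): array
{
    if (!isset($cookies['fdm_cart'])) {
        return [];
    }
    $cart = unserialize($cookies['fdm_cart']); // untrusted data -> arbitrary objects
    return is_array($cart) ? $cart : [];
}

// Hardened pattern: persist data, not objects. json_decode() can only produce scalars
// and arrays, and an HMAC over the payload rejects any cookie the server did not issue
// before a single byte is parsed. The secret lives server-side (e.g. a WordPress salt).
function save_cart(array $cart, string $secret): string
{
    $payload = json_encode($cart, JSON_THROW_ON_ERROR);
    return base64_encode($payload) . '.' . hash_hmac('sha256', $payload, $secret);
}

function load_cart_hardened(array $cookies, string $secret): array
{
    if (!isset($cookies['fdm_cart'])) {
        return [];
    }
    $parts = explode('.', $cookies['fdm_cart'], 2);
    if (count($parts) !== 2) {
        return [];
    }
    $payload = base64_decode($parts[0], true);
    if ($payload === false) {
        return [];
    }
    // Constant-time compare so the MAC check does not leak timing information.
    if (!hash_equals(hash_hmac('sha256', $payload, $secret), $parts[1])) {
        return [];
    }
    $cart = json_decode($payload, true, 8, JSON_THROW_ON_ERROR);
    return is_array($cart) ? $cart : [];
}

// If the serialized format genuinely cannot be changed, the minimum mitigation is to
// forbid object instantiation: classes become __PHP_Incomplete_Class and no magic runs.
function load_cart_no_objects(array $cookies): array
{
    if (!isset($cookies['fdm_cart'])) {
        return [];
    }
    $cart = unserialize($cookies['fdm_cart'], ['allowed_classes' => false]);
    return is_array($cart) ? $cart : [];
}

// Demo run with a crafted cookie value (constructed for the example)
$gadget = new DemoGadget();
$gadget->note = 'payload from cookie';
$crafted = serialize($gadget);           // what an attacker would place in fdm_cart
$secret  = 'assumed-server-side-secret'; // assumption for the demo

load_cart_vulnerable(['fdm_cart' => $crafted]);                  // DemoGadget::__wakeup() fires
var_dump(load_cart_no_objects(['fdm_cart' => $crafted]));        // incomplete class, no magic method runs
var_dump(load_cart_hardened(['fdm_cart' => $crafted], $secret)); // rejected: no valid MAC

$good = save_cart(['item' => 'burger', 'qty' => 2], $secret);
var_dump(load_cart_hardened(['fdm_cart' => $good], $secret));    // round-trips the cart as an array
```

The allowed_classes option is a stop-gap only: it stops gadget chains but still lets an attacker shape the resulting arrays and nested __PHP_Incomplete_Class values, so the JSON-plus-HMAC form is the one to ship.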

Read more

Advisory: CVE-2020-29047 - Unauthenticated RCE via Arbitrary Object Deserialisation in WordPress Hotel Booking Plugin

CVE: CVE-2020-29047
Severity: HIGH
Vulnerability Type: CWE-502: Deserialization of Untrusted Data
Requires Authentication: No

Read more

vBulletin Zero Day Details & Plug-in

Security researcher Amir Etemadieh has released a pre-authentication zero-day remote command execution (RCE) exploit for vBulletin. The exploit bypasses the patch for a previous RCE in vBulletin 5.0 through 5.4 (CVE-2019-16759); the bypass has since been assigned CVE-2020-17496.

Read more