Security Links
The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.4. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'user_register_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
#OPEN-SOURCE
GitHub Topics - Pentesting

GitHub public repositories matching the '#pentesting' topic.

https://github.com/topics/pentesting
GitHub Topics - Malware

GitHub public repositories matching the '#malware' topic.

https://github.com/topics/malware
GitHub Topics - Reverse Engineering

GitHub public repositories matching the '#reverse-engineering' topic.

https://github.com/topics/reverse-engineering
GitHub Security Lab Archives

Blog from GitHub Security Lab.

https://github.blog/tag/github-security-lab/
GitHub Topics - Redteam

GitHub public repositories matching the '#redteam' topic.

https://github.com/topics/redteam
GitHub Topics - Hacking

GitHub public repositories matching the '#hacking' topic.

https://github.com/topics/hacking
GitHub Topics - Security

GitHub public repositories matching the '#security' topic.

https://github.com/topics/security
GitHub Security Lab CTF

Do you want to challenge your vulnerability hunting skills? We created these CTF challenges to allow you to do exactly that, while helping you to quickly learn CodeQL.

https://securitylab.github.com/ctf/
GitHub Security Lab Bug Bounty

The CodeQL Bug Bounty program operated by the GitHub Security Lab aims at scaling the security research community’s work across open source projects. The All For One protects against future vulnerabilities by coding and eradicating a pattern, while the Bug Slayer fixes existing occurrences of this pattern. A bounty hunter can apply to both programs sequentially to maximize their positive impact on open source projects, and their gain.

https://securitylab.github.com/bounties/
GitHub Security Lab Advisories

GitHub Security Lab researchers find vulnerabilities in key, widely-used open source projects. We then coordinate the disclosure of those vulnerabilities to security teams at those projects. We only publish vulnerabilities here after they’ve been announced by the affected projects' development teams and patches are available. See our disclosure policy below for more information.

https://securitylab.github.com/advisories/