Security Links
The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to wp_insert_user() without restricting to a safe set of roles. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.
#TECHNIQUES
Red Team Techniques

Discover RTT, the leading resource for Red Team Tools, Techniques, and Commands. Stay ahead of advanced persistent threats (by MITRE) with insights and guidance from seasoned security professionals. Explore now at rtt.secdu.de.

https://rtt.secdude.de/
Hacking The Cloud

Hacking the cloud is an encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure. The goal is to share this knowledge with the security community to better defend cloud native technologies.

https://hackingthe.cloud/