The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for unauthenticated attackers to change arbitrary users' email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. Additionally, the plugin returns authentication cookies in the response, which can be used to access the account directly.
#TRACK

RansomLook is an open-source project aimed at assisting users in tracking ransomware-related posts and activities across various sites, forums, and Telegram channels.

Ransomwatch trails the extortion sites used by ransomware groups and surfaces an aggregated feed of claims.

Displays images from hundreds of webcams, cameras around the world, including a description of the web cam location. and Displays worldwide webcam images on the Google map.

An OpenStreetMap-based project for creating a map of the world's railway infrastructure.

Worldwide live positions of trains, busses, trams and other public transport vehicles. Find out if your train is on time and see where it is located right now.

This site displays telemetry from Amateur Radio high-altitude balloon launches, using the SondeHub-Amateur database.

Live Flight Tracker and Airport Status.

Ransomwhere is the open, crowdsourced ransomware payment tracker. Browse and download ransomware payment data or help build our dataset by reporting ransomware demands you have received.

Live view of SpaceX starlink satellite constellation and coverage.