The MultiManager WP – Manage All Your WordPress Sites Easily plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.5. This is due to the user impersonation feature inappropriately determining the current user via user-supplied input. This makes it possible for unauthenticated attackers to generate an impersonation link that will allow them to log in as any existing user, such as an administrator. NOTE: The user impersonation feature was disabled in version 1.1.0 and re-enabled with a patch in version 1.1.2.
#TRAINING

Learn ethical hacking skills with hands-on labs and education from cyber security experts.

Courses to learn more about blue team skills. Check out our hands-on courses to gain and sharpen investigation/detection skills.

Learn to secure the web one step at a time, with our practical, interactive learning materials. Covering the latest research, and completely free.

Our industry-leading platform is the most effective solution for learning modern binary exploitation through a world-class curriculum developed by RET2. Acquire the skills necessary to perform independent vulnerability research.

SecureWeb3 Academy offers online training courses to provide awareness of a range of web3 risks and threats and how to mitigate these. our training delivers the latest information and valuable insights to help you and your organisation navigate the emerging landscape of web3 technology with confidence.

linux-training.be gives you books for free to study Linux.

Free Training Tutorials & Videos for IT Courses.

A free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!

AttackIQ Academy combats cyberthreats with free courses by top experts. Enjoy hands-on learning in MITRE ATT&CK®, purple teaming, and breach & attack simulation, earning badges and certifications. Enhance your cybersecurity skills at no cost as part of the Informed Defender Community. Join us and become a cybersecurity hero today!

The Ethernaut is a Web3/Solidity based wargame played in the Ethereum Virtual Machine. Each level is a smart contract that needs to be 'hacked'. The game is 100% open source and all levels are contributions made by other players.

Have fun hacking our virtual machines and learning.

A fun, free platform for learning modern cryptography.

The fast, easy, and affordable way to train your hacking skills.

The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.

Developer security training from Snyk. Snyk Learn teaches developers how to stay secure with interactive lessons exploring vulnerabilities across a variety of languages and ecosystems.

Whether you've just started your hacker journey or you're just looking for some new challenges, the Hacker101 CTF has something for you.

exploit.education provides a variety of resources that can be used to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cyber security issues.

The cybersecurity upskilling platform. Hack The Box gives individuals, businesses and universities the tools they need to continuously improve their cybersecurity capabilities — all in one place.

An intro to binary exploitation / reverse engineering course based around ctf challenges.

Training services from Alex Ionescu and Yarden Shafir.

Node.js Secure Coding blog and educational training content. Master hands-on Node.js security with Node.js Secure Coding education and learn how to defend against JavaScript Command Injection vulnerabilities and gain backend development skills to exploit and prevent Path Traversal attacks by reviewing real-world vulnerable npm packages and insecure code.

Experience, real-world, byte sized cloud security labs for training cyber warriors. From beginners to pros, our engaging platform allows you to secure your defenses, ignite your career and stay ahead of threats.

A comprehensive module-based malware development course that provides fundamental to advanced level training|