logo
The Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2. This is due to insufficient verification on the OpenID server being supplied during the social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.

Packet Storm

Global Security Resource. In these times where a new major data breach occurs on a daily basis, it is important for the personal Internet user, corporations, and governments to stay aware of vulnerabilities that may affect their systems. Packet Storm provides around-the-clock information and tools in order to help mitigate both personal data and fiscal loss on a global scale. As new information surfaces, Packet Storm releases everything immediately through it's RSS feeds, Twitter, and Facebook. The site is referenced in over a hundred books and has a history of being spotlighted in the news.

Listed: