Rewterz Threat Alert – Ursnif Banking Trojan aka Gozi – Active IOCs
January 5, 2023Rewterz Threat Advisory – CVE-2023-0038 – WordPress AYS Pro Plugins Survey Maker Plugin Vulnerability
January 5, 2023Rewterz Threat Alert – Ursnif Banking Trojan aka Gozi – Active IOCs
January 5, 2023Rewterz Threat Advisory – CVE-2023-0038 – WordPress AYS Pro Plugins Survey Maker Plugin Vulnerability
January 5, 2023Severity
High
Analysis Summary
CVE-2023-0039
ODude UPG plugin for WordPress could allow a remote attacker to execute arbitrary commands on the system, caused by an authorization bypass flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
Command Execution
Indicators Of Compromise
CVE
- CVE-2023-0039
Affected Vendors
WordPress
Affected Products
- ODude UPG plugin for WordPress 2.19
Remediation
Upgrade to the latest version of ODude UPG plugin for WordPress, available from the WordPress Plugins Directory.