wpForo Forum Security Advisories
Technical analysis of multiple vulnerabilities found on wpForo Forum plugin in Wordpress.
Posts by Collection
advisories
Unauthenticated Arbitrary File Read in Jobify Theme
Technical analysis of an unauthenticated file read vulnerability in Jobify theme <= 4.2.3
Privilege Escalation in Better Find and Replace Plugin
Technical analysis of a subscriber+ privilege escalation in Better Find and Replace plugin <= 1.6.7
blogs
Razer OTP Bypass
Technical analysis of how I was able to bypass OTP code requirement in Razer.
Destructuring CVE-2023-26045: NodeBB Code Execution Vulnerability
Technical analysis of CVE-2023-26045 to achieve code execution on NodeBB < 2.8.7
Exploring the Unknown: Beneath the Surface of Unpatched WordPress SSRF
Research on additional vulnerability scenario of the root cause of WordPress Core Blind SSRF.
The Most Beautiful Payment Bypass - Is It Not?
Technical analysis of a payment bypass in the Prestashop integration of Stripe.
misc
I Cracked OSWE at 18
My journey and review of AWAE/OSWE (WEB-300) by Offensive Security.