Local File Inclusion (LFI) Due to Untrusted User Input
From analysing a WordPress plugin and exploiting it to get the flag.
Local File Inclusion (LFI) vulnerability due to unvalidated user input. This analysis is based on a Patchstack CTF exercise concerning a WordPress instance.
medium.com/@kr.sulabhja...
#ctf #cybersecutity #wordpress
27.05.2025 14:00
Chaining Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure to…
Let's explore the chaining of Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure vulnerabilities within WordPress, leveraging the Semgrep tool for vulnerability discovery.
Here is my write-up on the same:
medium.com/@kr.sulabhja...
#cybersecurity #wordpress
26.05.2025 10:50
Patchstack Alliance CTF S02E02 — Road to WordCamp Europe
Here is my writeup on how a classic JWT confusion vulnerability led to vertical privilege escalation. This is caused by improper token handling ....
medium.com/@kr.sulabhja...
#CTF #WordPressSecurity #SAST #JWT #Infosec #PrivilegeEscalation #AppSec #cybersecurity
21.05.2025 07:28
🚨 Security Alert: P1 Vulnerability Identified 🚨
Discovered a critical (P1) vulnerability in a DS Group asset. Kudos to their security team for the swift response!
#CyberSecurity #Infosec #Hacking #EthicalHacking #BugBounty #InformationSecurity #Security #Tech
25.04.2025 18:35
Penetration tester with focus on internals, wireless, physical security, web app. Passionate about #opensource #linux #privacy and everything #cybersecurity.
Other interests include: #bugbounty #lockpicking #locksport #guitar #hardrock and #astronomy.
Software Developer / Desarrollador de Software. 🇪🇸 Ⓥ
#Python, #Java, #TypeScript & #JavaScript.
Embracing #CleanCode, #TDD, #XP #DDD
sergioperea.is-a.dev
CTF player with The Flat Network Society - bug bounty & web security research
Interested in infosec / hacking / osint / dfir / bugbounty!
Formerly Zerocopter.com, currently Head of Triage at Intigriti.com
Head CSIRT over at divd.nl
Hacknotcrime Advocate
Aut viam inveniam aut faciam.
Hacker, command injector and crowdsourced security enthusiast
Full Time Bug Bounty Hunter
Security Researcher | Speaker | Cooker
LevelUpX Champion 2022/2023
Team Hunt - Hack Cup Winner 2022/2023
15+ 0Day
CVE-2022-21500 | CVE-2022-21567
Top 3 Bugcrowd P1 Warrior
Hack stuff
CTF Player (sometimes)
they/them 🏳️‍🌈
header from hologender
Blog at blog.sparrrgh.me
Previously Blue team, now more on the Threat Intel side and interested in OSINT.
Learning ARM reverse engineering for fun.
Books and Music when possible.
Opinions are my own. Reposts are not endorsements.
Dad 👨👩 Believer ✝️ Self improver 💪🏻 Minimalist 👤.
Software Engineer by day, Cybersec enthusiast and Bug Bounty Hunter the rest of the time
Co-founder at @BotCity (YC W22)
OSS Maintainer at MarvinJ and Marvin
Computer Scientist, AI, Open Source
Frontend dev interested in browser and client-side stuff
The AI-powered developer platform to build, scale, and deliver secure software.
✦ I write code for your entertainment
⮕ Head of Developer Education at @nordcraft.com
⦿ Manchester, UK
▨ Enter the weird wide web hole: whitep4nth3r.com/newsletter
Sr. Dev Advocate 🥑 • 🎙Podcaster pizzadedados.com • Creator of gitfichas.com • Author • GitHub ⭐️ • Pythonista • games & cross stitch & knitting & 3D printing • 🇧🇷 & 🇨🇦 • she/her • married to @jairojair.com
👨🚀 Astrocoder, Sr Engineer @ Shopify
⭐️ GitHub Star
👨🏫 spacejelly.dev
📺 https://youtube.com/colbyfayock
🇧🇷💞👩❤👨
VP of Software Engineering | @GitHub.com Star | Microsoft MVP | @playfulprogramming.com Partner | @TanStack.com Maintainer | Twitch Streamer (http://twitch.tv/crutchcorn) 💅💅💅
Dual Microsoft MVP, Inaugural GitHub Star, creator of dbatools, author http://dbatools.io/book and AI for Everyday IT from Manning Publications.
Creator of @mutesky.app 🏳️‍🌈
Totally into AI, SQL Server and PowerShell.
📍 Very North of France
Senior Software Engineer at Chocolatey Software, Inc. (@chocolatey.org). Microsoft MVP and GitHub ⭐️ #RRMS #Dad #Husband #Chocolatey #Cake #GitReleaseManager
Staff Engineer, Google Dev Expert,
GitHub star, MVP
OSS Advocate
Co-Founder Thisis_Learning
https://www.youtube.com/@TechTalksWithSantosh
https://dev.to/santoshyadavdev
views my own