Security Links
The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action() function in versions 0.1 to 0.1.1. The plugin’s registration handler reads the client-supplied $_POST['user_role'] and passes it directly to wp_insert_user() without restricting to a safe set of roles. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.
#BINARY-EXPLOITATION
x86matthew

Blog about Windows NT.

https://www.x86matthew.com/
RET2 Wargames

Our industry-leading platform is the most effective solution for learning modern binary exploitation through a world-class curriculum developed by RET2. Acquire the skills necessary to perform independent vulnerability research.

https://wargames.ret2.systems/
Nightmare

An intro to binary exploitation / reverse engineering course based around ctf challenges.

https://guyinatuxedo.github.io/
Crackmes

This is a simple place where you can download crackmes to improve your reverse engineering skills. If you want to submit a crackme or a solution to one of them, you must register. But before that, I strongly recommend you to read the FAQ. If you have any kind of question regarding the website, a crackme, feel free to join the discord chat.

https://crackmes.one/
Modern Binary Exploitation

Course materials for Modern Binary Exploitation by RPISEC.

https://github.com/RPISEC/MBE
Offensive Security & Reverse Engineering Course

This repository is for the Offensive Security and Reverse Engineering Course. I used to teaching at Champlain College and currently sharing it for free online (check the YouTube channel for the recordings).

https://github.com/ashemery/exploitation-course
CTF Workshop

Challenges for Binary Exploitation Workshop.

https://github.com/kablaa/CTF-Workshop