The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nsl_registration_store_extra_input' function. This makes it possible for unauthenticated attackers to register an account on the site with an arbitrary role, including Administrator, when registering via a social login. The Nextend Social Login plugin must be installed and configured to exploit the vulnerability.
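A compensating control for the missing role restriction described above, as an added example that is not code from Service Finder, Nextend Social Login or the advisory: a must-use plugin that resets any role outside an allowlist on accounts created or changed in a request with no privileged user behind it. The `reg_guard_*` names, the allowlist contents and the fallback role are assumptions, as is the premise that the role is assigned through WordPress's standard `WP_User` role API before any user is logged in during the registration request.

```php
<?php
/**
 * Plugin Name: Registration role guard (added example)
 * Not Service Finder or Nextend code. Place in wp-content/mu-plugins/.
 */

// Assumption: the only roles a self-registering visitor should hold on this site.
const REG_GUARD_ALLOWED_ROLES = array( 'subscriber', 'customer' );
const REG_GUARD_FALLBACK_ROLE = 'subscriber';

// True when the request is not driven by someone entitled to assign roles:
// WP-CLI sessions and logged-in users with promote_users are trusted.
function reg_guard_untrusted_request() {
	if ( defined( 'WP_CLI' ) && WP_CLI ) {
		return false;
	}
	return ! ( is_user_logged_in() && current_user_can( 'promote_users' ) );
}

// Replace every role outside the allowlist with the fallback role and log it.
function reg_guard_enforce( $user_id ) {
	if ( ! reg_guard_untrusted_request() ) {
		return;
	}
	$user = get_userdata( $user_id );
	if ( ! $user ) {
		return;
	}
	$denied = array_diff( (array) $user->roles, REG_GUARD_ALLOWED_ROLES );
	if ( empty( $denied ) ) {
		return; // Also ends the re-entry triggered by set_role() below.
	}
	$user->set_role( REG_GUARD_FALLBACK_ROLE );
	error_log( sprintf(
		'[reg-guard] user %d held role(s) "%s" after an unprivileged request; reset to "%s" (ip %s)',
		$user_id,
		implode( ',', $denied ),
		REG_GUARD_FALLBACK_ROLE,
		isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
	) );
}

// Check when the account is created, and again on any role change made later
// in the same request (WP_User::set_role() and add_role() fire these actions).
add_action( 'user_register', 'reg_guard_enforce', PHP_INT_MAX );
add_action( 'set_user_role', 'reg_guard_enforce', PHP_INT_MAX );
add_action( 'add_user_role', 'reg_guard_enforce', PHP_INT_MAX );
```

The `[reg-guard]` log line doubles as a detection signal: each entry marks a registration that ended up with a role outside the allowlist.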
#RESOURCE

The Ultimate Cybersecurity Resource List. A curated directory of cybersecurity tools and resources for infosec professionals.

Resources + Guides: Stay safe online. Our collection of digital resources, at your virtual fingertips. We want to make it easy for everyone to learn more.

Check out the Synack Resource Hub for the latest company events, news, and research.

Commands, Payloads and Resources for the OffSec Certified Professional Certification (OSCP).

The Computer Security Resource Center (CSRC) has information on many of NIST's cybersecurity- and information security-related projects, publications, news and events. CSRC supports people and organizations in government, industry, and academia—both in the U.S. and internationally.