Joshua MartinelleinTenable TechBlogCVE-2024–8182 : Accidental Discovery of an Unauthenticated DoSWhile reviewing some LLM related products with the team, we came across FlowiseAI.Sep 13Sep 13
Joshua MartinelleinTenable TechBlogSolidus — Code ReviewAs a Research Engineer at Tenable, we have several periods during the year to work on a subject of our choice, as long as it represents an…Jun 10Jun 10
Joshua MartinelleinTenable TechBlogWordPress : From vulnerability identification to compromisingWordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…May 29May 29
Joshua MartinelleinTenable TechBlogWordPress MyCalendar Plugin — Unauthenticated SQL Injection(CVE-2023–6360)WordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…Jan 2Jan 2
Joshua MartinelleinTenable TechBlogWordPress BuddyForms Plugin — Unauthenticated Insecure Deserialization (CVE-2023–26326)WordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…Mar 7, 2023Mar 7, 2023
Joshua MartinelleinTenable TechBlogMultiples WordPress plugins CVE analysisWordPress Core is the most popular web Content Management System (CMS). This free and open-source CMS written in PHP allows developers to…Jan 24, 20231Jan 24, 20231