Marc-Alexandre Montpas - Sucuri Security Researcher

Marc's passion for code and IT security has no limit. You'll generally find him competing in Capture-the-Flag (CTF) competitions or searching for security vulnerabilities in widespread products for the fun of it. He's also a great fan of heavy metal music. Follow him on Twitter at @mars0h.

About Marc-Alexandre Montpas

Marc’s passion for code and IT security has no limit. You'll generally find him competing in Capture-the Flag (CTF) competitions or searching for security vulnerabilities in widespread products for the fun of it. He's also a great fan of japanese heavy metal music. Follow him on Twitter at @marcs0h.

September 25, 2019Marc-Alexandre Montpas

Zero-Day RCE in vBulletin v5.0.0-v5.5.4

A new remote code execution (RCE) zero-day vulnerability has been disclosed by an anonymous researcher on the full disclosure mailing list this past Monday. This vulnerability is extremely severe. It allows any website visitors to run PHP code and shell commands on the site’s underlying…

September 13, 2019Marc-Alexandre Montpas

Dissecting the WordPress 5.2.3 Update

Last week, WordPress released version 5.2.3 which was a security and maintenance update, and as such, contained many security fixes. Part of our day to day work is to analyse…

June 11, 2019Marc-Alexandre Montpas

Stored XSS in MyBB <= 1.8.20

The open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing a Stored XSS vulnerability in the private messaging and post…

June 4, 2019Marc-Alexandre Montpas

OS Command Injection in WP-Database-Backup

On May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin was disclosed to the public by the Wordfence team. This is a very nasty bug which made…

April 5, 2019Marc-Alexandre Montpas

SQL Injection in Duplicate-Page WordPress Plugin

While investigating the Duplicate Page plugin, we have discovered a dangerous SQL Injection vulnerability. Though the plugin wasn’t abused externally, the vulnerability impacted over 800,000 sites. Its urgency is defined…

March 28, 2019Marc-Alexandre Montpas

SQL Injection in Magento Core

Magento has released a new security update fixing multiple types of vulnerabilities including Cross-Site Request Forgery, Cross-Site Scripting, SQL Injection, and Remote Code Execution. To be exploited, the majority of…

March 26, 2019Marc-Alexandre Montpas

Stored XSS Patched in WordPress 5.1.1

WordPress recently released an update, 5.1.1, which patches a stored XSS vulnerability in the platform’s comment system. Even 10 days after the release of this security patch, around 60% of…

March 21, 2019Marc-Alexandre Montpas

Zero-Day Stored XSS in Social Warfare

A zero-day vulnerability has just appeared in the WordPress plugin world, affecting over 70,000 sites using the Social Warfare plugin. The plugin is vulnerable to a Stored XSS (Cross-Site Scripting)…

March 21, 2019Marc-Alexandre Montpas

0day Vulnerability in Easy WP SMTP Affects Thousands of Sites

The Easy WP SMTP plugin authors have released a new update, fixing a very critical 0day vulnerability. When leveraged, this vulnerability gives unauthenticated attackers the power to modify any options…

March 18, 2019Marc-Alexandre Montpas

Arbitrary Directory Deletion in WP-Fastest-Cache

The WP-Fastest-Cache plugin authors released a new update, version 0.8.9.1, fixing a vulnerability (CVE-2019-6726) present during its install alongside the WP-PostRatings plugin. According to seclists.org: “A successful attack allows an…

March 13, 2019Marc-Alexandre Montpas

Insufficient Privilege Validation in SiteGround Optimizer & Caldera Forms Pro

While investigating the SiteGround Optimizer and Caldera Forms Pro plugins we have discovered a critical privilege escalation vulnerability. It was not being abused externally and impacts over 500,000 sites. It’s…