CVE-2025-0554 – Podlove Podcast Publisher for WordPress Stored Cross-Site Scripting
CVE ID : CVE-2025-0554 Published : Jan. 18, 2025, 6:15 a.m. | 31 minutes ago Description : The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version <= 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level […]
CVE-2025-0308 – WordPress Ultimate Member Time-Based SQL Injection
CVE ID : CVE-2025-0308 Published : Jan. 18, 2025, 6:15 a.m. | 31 minutes ago Description : The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the search parameter in all versions up to, and including, 2.9.1 due to insufficient […]
CVE-2024-9020 – WordPress List Category Posts Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-9020 Published : Jan. 18, 2025, 6:15 a.m. | 31 minutes ago Description : The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and […]
CVE-2025-0318 – Ultimate Member WordPress Information Exposure Vulnerability
CVE ID : CVE-2025-0318 Published : Jan. 18, 2025, 6:15 a.m. | 31 minutes ago Description : The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.9.1 through different error messages in the responses. This […]
CVE-2024-13516 – Kubio AI Page Builder WordPress Reflected Cross-Site Scripting
CVE ID : CVE-2024-13516 Published : Jan. 18, 2025, 6:15 a.m. | 31 minutes ago Description : The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘message’ parameter in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for […]
CVE-2024-13515 – WordPress Image Source Control Lite Reflected Cross-Site Scripting
CVE ID : CVE-2024-13515 Published : Jan. 18, 2025, 6:15 a.m. | 31 minutes ago Description : The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘path’ parameter in all versions up to, and including, 2.28.0 due to insufficient input sanitization and output […]
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Sal … Published Date: Jan 18, 2025 (41 minutes ago) Vulnerabilities has been […]
CVE-2024-12071 – WordPress Evergreen Content Poster – Unauthenticated Remote Data Deletion Vulnerability
CVE ID : CVE-2024-12071 Published : Jan. 18, 2025, 4:15 a.m. | 35 minutes ago Description : The Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_network_post() function in all versions up […]
CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw
Security researchers published the technical details and a proof-of-concept (PoC) exploit code for CVE-2025-0107, a vulnerability in Palo Alto Networks’ Expedition migration tool that could allow rem … Published Date: Jan 18, 2025 (1 hour, 31 minutes ago) Vulnerabilities has been mentioned in this […]
CVE-2025-23209 – Craft CMS Remote Code Execution Vulnerability
The following table lists the changes that have been made to the CVE-2025-23209 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 18, 2025 Action […]