CVE-2024-13584 – WordPress Picture Gallery Stored Cross-Site Scripting (XSS)
CVE ID: CVE-2024-13584 | Published: Jan. 22, 2025, 4:15 a.m. (56 minutes ago) | Description: The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘videowhisper_pictures’ shortcode in all versions up to, and including, 1.5.19 due to insufficient input sanitization and output […]
Oracle Patches – January 2025
Overview: Oracle has released a substantial Critical Patch Update for January 2025, addressing a total of 320 new security vulnerabilities across its wide-ranging product portfolio. This update spans ov … Published Date: Jan 22, 2025 (3 hours, 37 minutes ago)
CVE-2024-13426 – WordPress WP-Polls Stored Cross-Site Scripting (SQL Injection)
CVE ID: CVE-2024-13426 | Published: Jan. 22, 2025, 3:15 a.m. (46 minutes ago) | Description: The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. […]
CVE-2025-23090 – Node.js Permission Model Diagnostic Worker Thread Exposure
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model […]
CVE-2025-23089 – Microsoft Node.js Unmaintained Component Exposure Vulnerability
The following table lists the changes that have been made to the CVE-2025-23089 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 22, 2025 Action […]
CVE-2025-23088 – Node.js Unmaintained Third-Party Components Vulnerability (CWE-1104)
The following table lists the changes that have been made to the CVE-2025-23088 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 22, 2025 Action […]
CVE-2025-23087 – Node.js End-of-Life Vulnerability: Unmaintained Version Use
The following table lists the changes that have been made to the CVE-2025-23087 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 22, 2025 Action […]
CVE-2025-23083 – Node.js permission model diagnostic channel worker thread creation arbitrary instance reuse vulnerability
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model […]
CVE-2025-0625 – CampCodes School Management Software Attachment Handler Improper Resource Identifier Control Remote vulnerability
The following table lists the changes that have been made to the CVE-2025-0625 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 22, 2025 Action […]
CVE-2024-13091 – WordPress WPBot Pro Remote File Upload Vulnerability
CVE ID: CVE-2024-13091 | Published: Jan. 22, 2025, 12:15 a.m. (56 minutes ago) | Description: The WPBot Pro WordPress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘qcld_wpcfb_file_upload’ function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers […]