New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Vulnerability / IoT Security A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into … Published Date: Jan 30, 2025 (4 hours, 40 minutes ago) Vulnerabilities has been […]
CVE-2024-12921 – EthereumICO WordPress Stored Cross-Site Scripting
CVE ID : CVE-2024-12921 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The EthereumICO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ethereum-ico shortcode in all versions up to, and including, 2.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes […]
CVE-2024-12709 – WordPress Bulk Me Now CSRF Weakness
CVE ID : CVE-2024-12709 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The Bulk Me Now! WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. Severity: 0.0 | NA Visit the link […]
CVE-2024-12708 – WordPress Bulk Me Now Stored XSS
CVE ID : CVE-2024-12708 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The Bulk Me Now! WordPress plugin through 2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role […]
CVE-2024-12638 – WordPress Bulk Me Now! Reflected Cross-Site Scripting
CVE ID : CVE-2024-12638 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE-2024-12400 – Tourmaster WordPress Reflected Cross-Site Scripting Voorbelasting
CVE ID : CVE-2024-12400 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, […]
CVE-2024-12163 – Apache GoodLayers Core SVG Injection Vulnerability
CVE ID : CVE-2024-12163 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and […]
CVE-2024-10309 – WordPress Tracking Code Manager Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-10309 Published : Jan. 30, 2025, 6:15 a.m. | 1 hour, 35 minutes ago Description : The Tracking Code Manager WordPress plugin before 2.4.0 does not sanitise and escape some of its metabox settings when outputting them in the page, which could allow users with a role as low as Contributor to perform Cross-Site […]
CVE-2025-23374 – Dell Networking Switches Enterprise SONiC OS Log File Information Exfiltration
The following table lists the changes that have been made to the CVE-2025-23374 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 30, 2025 Action […]
CVE-2025-0662 – Apache ktrace Uninitialized Information Leak
The following table lists the changes that have been made to the CVE-2025-0662 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 30, 2025 Action […]