CVE-2025-0918 – SendGrid YaySMTP Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-0918 Published : Feb. 22, 2025, 1:15 p.m. | 38 minutes ago Description : The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject […]
CVE-2024-13869 – NGINX WPvivid Backup & Migration Arbitrary File Upload Vulnerability
CVE ID : CVE-2024-13869 Published : Feb. 22, 2025, 1:15 p.m. | 38 minutes ago Description : The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘upload_files’ function in all versions up to, and including, 0.9.112. This makes it […]
CVE-2025-21704 – Linux Kernel usb-cdc-acm Memory Corruption Vulnerability
In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fragment is shorter than struct usb_cdc_notification, we can’t calculate an expected_size. Log an error and discard the notification instead of reading lengths from memory outside the received data, which can lead to memory […]
CVE-2025-1553 – Pankajindevops Scale Cross-Site Scripting Vulnerability
The following table lists the changes that have been made to the CVE-2025-1553 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Feb. 22, 2025 Action […]
CVE-2025-1361 – IP2Location Country Blocker WordPress Regular Information Exposure
CVE ID : CVE-2025-1361 Published : Feb. 22, 2025, 9:15 a.m. | 37 minutes ago Description : The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks on the admin_init() function. This makes it possible for unauthenticated attackers to view […]
CVE-2024-13564 – Rife Elementor Stored Cross-Site Scripting (XSS)
CVE ID : CVE-2024-13564 Published : Feb. 22, 2025, 9:15 a.m. | 37 minutes ago Description : The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Writing Effect Headline shortcode in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping on […]
How I found my first mistake Or why you shouldn’t overlook the obvious.
My story won’t be too long. I am a novice hunter and I want to tell you about how I found my first bug. It’s not a manual on how to find a bug. I chose a site and did a quick analysis […]
CVE-2024-13798 – ComboBlocks Unauthorized Order Creation Vulnerability
CVE ID : CVE-2024-13798 Published : Feb. 22, 2025, 5:15 a.m. | 37 minutes ago Description : The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible for […]
CVE-2024-12467 – Redsys Pago WordPress Reflected Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-12467 Published : Feb. 22, 2025, 5:15 a.m. | 37 minutes ago Description : The Pago por Redsys plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Ds_MerchantParameters’ parameter in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated […]
CVE-2024-12038 – WordPress BuddyForms Stored Cross-Site Scripting
CVE ID : CVE-2024-12038 Published : Feb. 22, 2025, 5:15 a.m. | 37 minutes ago Description : The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘buddyforms_nav’ shortcode in all versions up to, […]