CVE ID : CVE-2024-13217 Published : Feb. 27, 2025, 12:15 p.m. | 58 minutes ago Description : The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.11 via the ‘expired_data’ and ‘build_content’ functions. This makes it possible for authenticated attackers, with Contributor-level access and above, […]
The following table lists the changes that have been made to the CVE-2024-10918 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Feb. 27, 2025 Action […]
CVE ID : CVE-2025-1450 Published : Feb. 27, 2025, 10:15 a.m. | 58 minutes ago Description : The Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button, WhatsApp – Chaty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-hover’ parameter in all versions up to, and including, […]
CVE ID : CVE-2024-13734 Published : Feb. 27, 2025, 10:15 a.m. | 58 minutes ago Description : The Card Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Profile Card widget in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied […]
Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain unauthorized ac … Read more Published Date: Feb 27, 2025 (3 hours, 45 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-23363
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity com … Read more Published Date: Feb 27, […]
The Car Dealer Automotive WordPress Theme – Responsive theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_post_photo() and add_car() functions in all versions up to, and including, 1.6.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the […]
The following table lists the changes that have been made to the CVE-2025-1690 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Feb. 27, 2025 Action […]
CVE ID : CVE-2025-1717 Published : Feb. 27, 2025, 8:15 a.m. | 45 minutes ago Description : The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.2. This is due to insecure authentication based on an arbitrary transient name in the ‘AutoLogin::listen()’ function. This makes it possible […]
A reflected cross-site scripting (XSS) vulnerability exists in multiple WSO2 products due to improper input validation. User-supplied data is directly included in server responses from vulnerable service endpoints without proper sanitization or encoding, allowing an attacker to inject malicious JavaScript. Successful exploitation could lead to UI manipulation, redirection to malicious websites, or data exfiltration from […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
