MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) – Here’s What You Need to Know CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow atta … Read more Published Date: Feb 28, 2025 (1 hour, 14 minutes ago) Vulnerabilities […]
CVE ID : CVE-2025-1572 Published : Feb. 28, 2025, 8:15 a.m. | 1 hour, 59 minutes ago Description : The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the ‘u_id’ parameter in all versions up to, and including, 3.6.7 due to insufficient escaping on the user supplied parameter […]
Cleveland Municipal Court Remains Closed Due to Ongoing Cybersecurity Incident Cleveland Municipal Court has been closed for three consecutive days following a cybersecurity incident that has disrupted its internal systems. The court announced the closure on Monday and has since … Read more Published Date: Feb 28, 2025 (2 hours, 53 minutes ago) Vulnerabilities has been mentioned […]
CVE ID : CVE-2025-1571 Published : Feb. 28, 2025, 7:15 a.m. | 45 minutes ago Description : The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Animated Text and Image Comparison Widgets in all versions up to, and including, 2.7.6 due to insufficient input sanitization and output escaping […]
CVE ID : CVE-2025-1405 Published : Feb. 28, 2025, 7:15 a.m. | 45 minutes ago Description : The Product Catalog Simple plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s show_products shortcode in all versions up to, and including, 1.7.11 due to insufficient input sanitization and output escaping on user supplied attributes. This […]
CVE ID : CVE-2025-0764 Published : Feb. 28, 2025, 7:15 a.m. | 45 minutes ago Description : The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the ‘update’ method of the ‘Members’ class in all versions up to, and including, 2.4.1. This makes it possible for authenticated […]
CVE ID : CVE-2025-1513 Published : Feb. 28, 2025, 6:15 a.m. | 1 hour, 45 minutes ago Description : The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Name and Comment field when commenting […]
CVE ID : CVE-2025-1511 Published : Feb. 28, 2025, 6:15 a.m. | 1 hour, 45 minutes ago Description : The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘s’ parameter in all versions up to, and including, 4.0.4 due to insufficient […]
CVE ID : CVE-2025-1506 Published : Feb. 28, 2025, 6:15 a.m. | 1 hour, 45 minutes ago Description : The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.0. This is due to missing or incorrect nonce validation on the counter_access_key_setup() function. […]
CVE ID : CVE-2024-12820 Published : Feb. 28, 2025, 6:15 a.m. | 1 hour, 45 minutes ago Description : The MK Google Directions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘MKGD’ shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on user supplied attributes. […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
