CVE-2024-13805 – WordPress Advanced File Manager Stored Cross-Site Scripting
CVE ID : CVE-2024-13805 Published : March 7, 2025, 10:15 a.m. Description : The Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.2.14 due to insufficient input sanitization […]
CVE-2024-13668 – WordPress Activity O Meter Reflected Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-13668 Published : March 7, 2025, 10:15 a.m. Description : The WordPress Activity O Meter WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE-2024-13857 – WordPress WPGet API Server-Side Request Forgery Vulnerability
CVE ID : CVE-2024-13857 Published : March 7, 2025, 10:15 a.m. Description : The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.10. This makes it possible for authenticated attackers, with Administrator-level access and above, […]
CVE-2024-13635 – WordPress VK Blocks Sensitive Information Exposure
CVE ID : CVE-2024-13635 Published : March 7, 2025, 10:15 a.m. Description : The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.94.2.2 via the page content block. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract […]
CVE-2024-13552 – SupportCandy WordPress Plugin Insecure Direct Object Reference Vulnerability
CVE ID : CVE-2024-13552 Published : March 7, 2025, 10:15 a.m. Description : The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.3.0 via file upload due to missing validation on a user controlled key. […]
CVE-2025-21843 – Linux Kernel Panthor Uninitialized Data Use
The following table lists the changes that have been made to the CVE-2025-21843 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Mar. 07, 2025 Action […]
CVE-2025-21841 – AMD P-State Kernel Reference Counting Vulnerability
The following table lists the changes that have been made to the CVE-2025-21841 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Mar. 07, 2025 Action […]
CVE-2025-21842 – AMD KFD Use-After-Free Buffer Overflow
The following table lists the changes that have been made to the CVE-2025-21842 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Mar. 07, 2025 Action […]
CVE-2025-21840 – Intel LPMD Thermal Netlink Integer Underflow Vulnerability
In the Linux kernel, the following vulnerability has been resolved: thermal/netlink: Prevent userspace segmentation fault by adjusting UAPI header The intel-lpmd tool [1], which uses the THERMAL_GENL_ATTR_CPU_CAPABILITY attribute to receive HFI events from kernel space, encounters a segmentation fault after commit 1773572863c4 (“thermal: netlink: Add the commands and the events for the thresholds”). The issue […]
CVE-2025-21835 – Linux USB Gadget MIDI Streaming Uninitialized Stack Memory Leak Vulnerability
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_midi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set incorrectly in these descriptors. This does not matter when the numbers of in and […]