CISA Warns of RESURGE Malware Exploiting Ivanti RCE Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report (MAR-25993211-r1.v1) detailing the exploitation of a critical vulnerability in Ivanti Connect Secure de … Published Date: Mar 29, 2025. Vulnerability mentioned in this article: CVE-2025-0282
CVE-2024-55895 – IBM InfoSphere Information Server Information Disclosure Vulnerability
The following table lists the changes that have been made to the CVE-2024-55895 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 29, 2025 Action […]
CVE-2024-11180 – ElementsKit Elementor Addons WordPress Stored Cross-Site Scripting Vulnerability
The following table lists the changes that have been made to the CVE-2024-11180 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 29, 2025 Action […]
CVE-2025-2840 – WordPress DAP to Autoresponders Email Syncing Sensitive Information Exposure
CVE ID: CVE-2025-2840
Published: March 29, 2025, 7:15 a.m.
Description: The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially […]
CVE-2025-2803 – WordPress So-Called Air Quotes Plugin Shortcode Injection Vulnerability
CVE ID: CVE-2025-2803
Published: March 29, 2025, 7:15 a.m.
Description: The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.1. This is due to the software allowing users to execute an action that does not properly validate a […]
CVE-2025-2266 – WooCommerce Checkout Mestres do WP Privilege Escalation Vulnerability
CVE ID: CVE-2025-2266
Published: March 29, 2025, 7:15 a.m.
Description: The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the cwmpUpdateOptions() function in versions 8.6.5 to 8.7.5. This […]
CVE-2025-2249 – WordPress SoJ SoundSlides Arbitrary File Upload Vulnerability
CVE ID: CVE-2025-2249
Published: March 29, 2025, 7:15 a.m.
Description: The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj_soundslides_options_subpanel() function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level […]
CVE-2025-2006 – BBPress Inline Image Upload Arbitrary File Upload Vulnerability
CVE ID: CVE-2025-2006
Published: March 29, 2025, 7:15 a.m.
Description: The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for […]
CVE-2024-13557 – United Themes WordPress Shortcodes Arbitrary Execution Vulnerability
CVE ID: CVE-2024-13557
Published: March 29, 2025, 7:15 a.m.
Description: The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.1.6. This is due to the software allowing users to execute an action that does not properly validate […]
CVE-2025-1217 – Apache HTTP Server HTTP Response Header Parsing Vulnerability
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, and from 8.4.* before 8.4.5, when the HTTP request module parses an HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME types, etc.