logo_clicknbuy.png

Day: 12 April 2025

Seven Years Old Cisco Vulnerability Exposes Cisco Devices to Remote Code Execution Attacks

Seven Years Old Cisco Vulnerability Exposes Cisco Devices to Remote Code Execution Attacks A seven-year-old vulnerability in Cisco networking equipment continues to pose significant security risks, enabling attackers to execute remote code on unpatched systems. Discovered initially in 2018, … Read more Published Date: Apr 12, 2025 (1 hour, 6 minutes ago) Vulnerabilities has been mentioned in […]

CVE-2025-3102 impacts OttoKit WordPress Plugin

CVE-2025-3102 impacts OttoKit WordPress Plugin CVE-2025-3102 is a high-severity vulnerability discovered in the OttoKit WordPress plugin, previously known as SureTriggers. This vulnerability allows unauthorized attackers to bypass authentication m … Read more Published Date: Apr 12, 2025 (2 hours, 11 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-23010 CVE-2025-23009 CVE-2025-3102 CVE-2025-20156

CVE-2025-1456 – Elementor Royal Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1456 Published : April 12, 2025, 9:15 a.m. | 58 minutes ago Description : The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `widgetGrid`, `widgetCountDown`, and `widgetInstagramFeed` methods in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This […]

CVE-2025-1455 – WordPress Royal Elementor Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-1455 Published : April 12, 2025, 9:15 a.m. | 58 minutes ago Description : The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Woo Grid widget in all versions up to, and including, 1.7.1012 due to insufficient input sanitization and output escaping. This makes it […]

NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data

NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data A critical vulnerability in NVIDIA’s Container Toolkit, CVE-2024-0132, remains exploitable due to an incomplete patch, endangering AI infrastructure and sensitive data. Coupled with a newly discovered … Read more Published Date: Apr 12, 2025 (1 hour, 43 minutes ago) Vulnerabilities has been mentioned in this […]

CVE-2025-3418 – WordPress WPC Admin Columns Privilege Escalation Vulnerability

CVE ID : CVE-2025-3418 Published : April 12, 2025, 7:15 a.m. | 57 minutes ago Description : The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated through the ajax_edit_save() function. This makes […]

CVE-2025-3282 – WordPress User Registration & Membership Insecure Direct Object Reference

CVE ID : CVE-2025-3282 Published : April 12, 2025, 7:15 a.m. | 57 minutes ago Description : The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.3 via the user_registration_membership_register_member() due to missing validation […]

CVE-2025-3276 – SKT Blocks – WordPress Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-3276 Published : April 12, 2025, 7:15 a.m. | 57 minutes ago Description : The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Carousel block in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This […]