CVE ID : CVE-2025-4179 Published : May 2, 2025, 3:15 a.m. | 19 minutes ago Description : The Flynax Bridge plugin for WordPress is vulnerable to limited Privilege Escalation due to a missing capability check on the registerUser() function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to register […]
CVE ID : CVE-2025-4131 Published : May 2, 2025, 3:15 a.m. | 19 minutes ago Description : The GmapsMania plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s gmap shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it […]
CVE ID : CVE-2025-3746 Published : May 2, 2025, 3:15 a.m. | 19 minutes ago Description : The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly validating a user’s identity prior to updating their details, […]
CVE ID : CVE-2025-3670 Published : May 2, 2025, 3:15 a.m. | 19 minutes ago Description : The KiwiChat NextClient plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, […]
CVE ID : CVE-2025-4177 Published : May 2, 2025, 3:15 a.m. | 19 minutes ago Description : The Flynax Bridge plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteUser() function in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to […]
CVE ID : CVE-2025-2880 Published : May 2, 2025, 3:15 a.m. | 19 minutes ago Description : The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially […]
CISA Adds Two Vulnerabilities to KEV Catalog The Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities affecting Apache HTTP Server and SonicWall SMA100 appliances to its Known Exploited Vulnerabilities (KEV) … Read more Published Date: May 02, 2025 (2 hours, 25 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-38475 CVE-2023-44221
The following table lists the changes that have been made to the CVE-2025-4197 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 02, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-4196 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 02, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-29825 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] May. 02, 2025 Action […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
