How One Path Traversal in Grafana Unleashed XSS, Open Redirect and SSRF (CVE-2025-4123)
Abusing Client Path Traversal to Chain XSS, SSRF and Open Redirect in Grafana. Introduction: A high-severity security vulnerability has been discovered in Grafana, identified as CVE-2025-4123, which combi … Published Date: Jun 03, 2025 (2 hours, 37 minutes ago) Vulnerabilities have been mentioned in […]
CVE-2025-4797 – “Golo – City Travel Guide WordPress Theme Privilege Escalation via Account Takeover”
CVE ID : CVE-2025-4797 Published : June 3, 2025, 5:15 a.m. | 54 minutes ago Description : The Golo – City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.7.0. This is due to the plugin not properly validating a user’s identity […]
New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch
Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in th … Published Date: Jun 03, 2025 (1 hour, 24 minutes ago) Vulnerabilities have been […]
CVE-2025-4224 – WordPress wpForo Advanced Attachments Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-4224 Published : June 3, 2025, 3:15 a.m. | 43 minutes ago Description : The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via media upload names in all versions up to, and including, 3.1.3 due to insufficient input sanitization and output escaping. This makes it possible […]
CVE-2025-4047 – WordPress Broken Link Checker Unauthorized Data Access Vulnerability
CVE ID : CVE-2025-4047 Published : June 3, 2025, 3:15 a.m. | 43 minutes ago Description : The Broken Link Checker plugin for WordPress is vulnerable to unauthorized data access due to a missing capability check on the ajax_full_status and ajax_dashboard_status functions in all versions up to, and including, 2.4.4. This makes it possible for authenticated […]
CVE-2025-2939 – WordPress Ninja Tables PHP Object Injection
CVE ID : CVE-2025-2939 Published : June 3, 2025, 3:15 a.m. | 43 minutes ago Description : The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.0.18 via deserialization of untrusted input from the args[callback] parameter. This makes it possible […]
Google Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code
Google has released an emergency security update for Chrome after confirming that a critical zero-day vulnerability is being actively exploited by attackers in the wild. The vulnerability, tracked as … Published Date: Jun 03, 2025 (2 hours, 3 minutes ago) Vulnerabilities have been […]
FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk
Security researcher João Domingos has published a comprehensive breakdown of a full exploit chain affecting the FiberGateway GR241AG router, used by over 1.6 million households in … Published Date: Jun 03, 2025 (2 hours, 51 minutes ago) Vulnerabilities have been mentioned in this article. […]
Linux Flaws Expose Sensitive Data via Core Dumps
In a recent disclosure, the Qualys Threat Research Unit (TRU) has unearthed two local information disclosure vulnerabilities affecting core crash-reporting mechanisms in major Linux distributions. Ass … Published Date: Jun 03, 2025 (2 hours, 59 minutes ago) Vulnerabilities mentioned in this article: CVE-2025-5054, CVE-2025-4598, CVE-2023-52447
Kaspersky Report Reveals Growing Threat from Old Exploits and OS Vulnerabilities in Q1 2025
Kaspersky’s latest “Exploits and vulnerabilities in Q1 2025” shows that attackers are doubling down on aging exploits, platform-specific weaknesses, and mismanaged updates. With over 9,700 vulnerabili … Published Date: Jun 03, 2025 (3 hours, 23 minutes ago) Vulnerabilities have been mentioned […]