CVE ID : CVE-2025-7499 Published : Aug. 16, 2025, 8:15 a.m. | 24 minutes ago Description : The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the […]
Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) – Technical Details Revealed Cybersecurity researchers from watchTowr Labs have published a comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet FortiSIEM systems, d … Read more Published Date: Aug 16, 2025 (1 hour, 14 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-25256
CVE ID : CVE-2025-8896 Published : Aug. 16, 2025, 7:15 a.m. | 1 hour, 24 minutes ago Description : The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gdpr_communication_preferences[]’ parameter in all versions up to, and including, 3.14.3 due to […]
CVE ID : CVE-2025-8089 Published : Aug. 16, 2025, 7:15 a.m. | 1 hour, 24 minutes ago Description : The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘additional’ parameter in version less than, or equal to, 2025.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated […]
The following table lists the changes that have been made to the CVE-2025-8898 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Aug. 16, 2025 Action […]
CVE ID : CVE-2025-8113 Published : Aug. 16, 2025, 6:15 a.m. | 19 minutes ago Description : The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER[‘REQUEST_URI’] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers. Severity: 0.0 | NA Visit the link for […]
The following table lists the changes that have been made to the CVE-2025-38501 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Aug. 16, 2025 Action […]
Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware Aug 16, 2025Ravie LakshmananMalware / Vulnerability The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payload … Read more Published Date: Aug 16, 2025 (1 hour, 36 minutes ago) Vulnerabilities has been mentioned in […]
CVE ID : CVE-2025-8293 Published : Aug. 16, 2025, 4:16 a.m. | 2 hours, 18 minutes ago Description : The Intl DateTime Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘date’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for […]
CVE ID : CVE-2025-7686 Published : Aug. 16, 2025, 4:16 a.m. | 2 hours, 18 minutes ago Description : The weichuncai(WP伪春菜) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
