CVE-2025-12525

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockercosubmitpost' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin...

CVE-2025-12525

creationtimestamp| type| source ---|---|--- 2025-11-25 09:14:36+00:00| seen| https://gist.github.com/Darkcrai86/f51a4ee7dab7eb5a1c2d552c9c4cab60...

CVE-2025-12525 Locker Content <= 1.0.0 - Unauthenticated Information Exposure

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockercosubmitpost' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin...

CVE-2024-12525

creationtimestamp| type| source ---|---|--- 2025-02-18 05:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligixcvgzg2p 2025-02-18 07:56:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4745 2025-02-18 11:39:00+00:00| seen|...

CVE-2024-12525

The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-12525 Easy MLS Listings Import <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-12525 Easy MLS Listings Import <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Amazon Linux 2 : squid (ALASSQUID4-2023-008)

The version of squid installed on the remote host is prior to 4.11-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-008 advisory. A flaw was found in Squid through version 4.7. When handling the tag esi:when, when ESI is enabled, Squid calls the...

Amazon Linux 2 : squid (ALASSQUID4-2023-007)

The version of squid installed on the remote host is prior to 4.10-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-007 advisory. An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTT...

Mageia: Security Advisory (MGASA-2019-0266)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0265)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Schneider Electric Modicon Controllers and Software (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor : Schneider Electric Equipment : EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack RemoteConnect x70, SCADAPack x70 RTUs, and Modicon M580 and M340 control products Vulnerabilities :...

SUSE: Security Advisory (SUSE-SU-2020:14460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:2089-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-12525

creationtimestamp| type| source ---|---|--- 2021-01-22 22:29:28+00:00| seen| https://t.me/cibsecurity/22536 2021-07-15 11:07:30+00:00| seen| https://t.me/icscert/462...

CVE-2020-12525

CVE-2020-12525 describes a deserialization of untrusted data in the fdtCONTAINER component used by M&M Software (and related products). Affected versions include below 3.5.20304.x and between 3.6 and 3.6.20304.x for the fdtCONTAINER component (and related application versions). The vulnerability ...

WAGO M&M Software fdtCONTAINER (Update C)

1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: Low skill level to exploit Vendor: M&M Software GmbH, a subsidiary of WAGO Kontakttechnik Equipment: fdtCONTAINER Vulnerability: Deserialization of Untrusted Data 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update titled...

NewStart CGSL CORE 5.04 / MAIN 5.04 : squid Multiple Vulnerabilities (NS-SA-2020-0060)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has squid packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function...

NewStart CGSL CORE 5.05 / MAIN 5.05 : squid Multiple Vulnerabilities (NS-SA-2020-0090)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has squid packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function...

squid security update

7:3.5.20-17.4 - Resolves: 1872349 - CVE-2020-24606 squid: Improper Input Validation could result in a DoS - Resolves: 1872327 - CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning - Resolves: 1872342 - CVE-2020-15811 squid: HTTP Request Splitting could result in cache...