7697 matches found
CVE-2026-44315
creationtimestamp| type| source ---|---|--- 2026-05-08 22:39:16+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-5f62-53r8-qrqf 2026-05-28 21:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmwwi7f4w22f...
CVE-2026-45301
creationtimestamp| type| source ---|---|--- 2026-05-08 20:57:06+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-r8wh-8m7r-fh33 2026-05-20 13:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmbxwk4kdn2s...
CI4MS 代码问题漏洞
CI4MS is an open-source blog page management tool developed by Ci4MS. There were code issues and vulnerabilities in versions of CI4MS from 0.26.0 to 0.31.8.0. These vulnerabilities stemmed from the auth filter disabling the check for banning/banned users...
AI Survey: 50% of Organizations Struggle to Maintain Latency at Scale
The Akamai State of AI Inference report captures real data from the field that describes how AI inference is being built and scaled in production today...
ClickFix campaign uses fake macOS utilities lures to deliver infostealers
In this article 1. Activity overview 2. Mitigation and protection guidance 3. Hunting queries 4. Indicators of compromise Microsoft researchers continue to observe the evolution of an infostealer campaign distributing ClickFix‑style instructions and targeting macOS users. In this recent iteration...
CVE-2026-6704
The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
WordPress Blog Settings plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Julian Chibuike Nwadinobi Wackydawg - streamio in WordPress Plugin Blog Settings versions = 1.0...
Akamai Cloud Is Built for What Cloud Has Become (Updated May 2026)
...
PT-2026-38241
Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description Unbounded recursion in the jv object merge recursive function allows a specially crafted program to crash the process with a segmentation fault segfault, which is an error occurring when a program attempt...
EUVD-2026-27209
The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2026-6704
The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2026-6704 Blog Settings <= 1.0 - Reflected Cross-Site Scripting via 'page' Parameter
The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2026-6704 Blog Settings <= 1.0 - Reflected Cross-Site Scripting via 'page' Parameter
The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2026-6704
The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
This Week in Spring - May 5th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring! It's May 5th, 2026, and I'm in Mainz, Germany, for the legendary JAX conference! It's been infinitely far too long since I've been at this amazing show, and I'm oh-so happy to be back here! Tonight, after my two talks here, I...
WordPress plugin Blog Settings 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-36961
Name of the Vulnerable Software and Affected Versions Blog Settings plugin for WordPress versions prior to 1.1 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to inject arbitrary web scripts. This occurs via the page parameter, enabling scripts to...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...
The New Ouroboros Technique and How It Fits in dMSA’s Security Model
...
CVE-2026-38669
wCMS v.1.4 is vulnerable to Cross Site Scripting XSS when creating a new blog...