CVE-2024-43572

creationtimestamp| type| source ---|---|--- 2024-10-08 17:54:47+00:00| seen| https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review 2024-10-08 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-10-09 04:00:00+00:00| seen|...

CVE-2024-43484

creationtimestamp| type| source ---|---|--- 2024-10-08 17:54:47+00:00| seen| https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review...

CVE-2024-43511

creationtimestamp| type| source ---|---|--- 2024-10-08 17:54:47+00:00| seen| https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review...

CVE-2024-43565

creationtimestamp| type| source ---|---|--- 2024-10-08 17:54:47+00:00| seen| https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review...

Badge and CyberArk Announce Partnership to Redefine Privacy in PAM and Secrets Management

San Francisco, CA, 8th October 2024, CyberNewsWire...

GCVE-1-2025-0002

creationtimestamp| type| source ---|---|--- 2024-10-06 08:21:05+00:00| confirmed| Reporter 2025-07-01 09:05:03+00:00| seen| https://www.hackthebox.com/blog/cve-2023-34362-explained 2025-07-01 09:52:06+00:00| seen| https://social.circl.lu/@[email protected]/114777352334943118 2025-07-0...

CVE-2024-47183

creationtimestamp| type| source ---|---|--- 2024-10-04 17:42:41+00:00| seen| https://t.me/cvedetector/6989 2026-02-26 15:40:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfrjrrcv3m2w...

Cutting Latency, Not Security

...

CVE-2024-44193

creationtimestamp| type| source ---|---|--- 2024-10-02 18:02:02+00:00| seen| https://t.me/cvedetector/6833 2024-10-07 09:09:49+00:00| published-proof-of-concept| https://t.me/cKure/13726 2024-10-07 10:19:48+00:00| published-proof-of-concept| https://t.me/HackerOne/3718 2024-10-07 13:16:03+00:00|...

Kubernetes the Hard Way

...

FlatPress 安全漏洞

FlatPress is a Php-based blog builder without database support from the FlatPress community. A security vulnerability exists in Flatpress version 1.3. An attacker exploited the vulnerability to inject malicious scripts into web pages viewed by other users...

CVE-2024-7432

The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is...

CVE-2024-7432

The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is...

CVE-2024-7432 Unseen Blog <= 1.0.0 - Authenticated (Contributor+) PHP Object Injection

The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is...

CVE-2024-7432

CVE-2024-7432 — Unseen Blog Theme (WordPress) is affected up to version 1.0.0. The issue is a PHP Object Injection via deserialization of untrusted input. Authenticated attackers with Contributor-level access or higher can inject a PHP object. No POP chain is confirmed in the core vulnerable soft...

CVE-2024-7432 Unseen Blog <= 1.0.0 - Authenticated (Contributor+) PHP Object Injection

The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is...

WordPress Unseen Blog theme <= 1.0.0 - Authenticated (Contributor+) PHP Object Injection vulnerability

Authenticated Contributor+ PHP Object Injection vulnerability discovered by Francesco Carlucci in WordPress Theme Unseen Blog versions = 1.0.0...

FlatPress 跨站脚本漏洞

FlatPress is a Php-based blog builder without database support from the FlatPress community. A cross-site scripting vulnerability exists in FlatPress v1.3, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to execute arbitrary code by sending a...

WordPress plugin Unseen Blog 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

WordPress Unseen Blog Theme <= 1.0.0 is vulnerable to PHP Object Injection

Software Unseen Blog Type Theme Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-7432 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID acc2ad92c272 Credits Francesco Carlucci Required privilege...