7703 matches found
PT-2024-38343 · WordPress · Unseen Blog Theme
Name of the Vulnerable Software and Affected Versions: Unseen Blog theme for WordPress versions up to, and including, 1.0.0
Description: The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input. This makes it possible for authenticated...
Flatpress security vulnerability
FlatPress is a PHP-based blog builder without database support from the FlatPress community. A security vulnerability exists in Flatpress v1.3, which stems from the presence of a cross-site scripting (XSS) vulnerability that allows attackers to execute arbitrary web script or HTML by injecting a...
CVE-2023-36039
creationtimestamp | type | source
---|---|---
2024-09-26 18:25:07+00:00 | seen | https://www.thezdi.com/blog/2024/9/25/exploiting-exchange-powershell-after-proxynotshell-part-4-no-argument-constructor...
An Analysis of the EU’s Cyber Resilience Act
A good--long, complex--analysis of the EU's new Cyber Resilience Act...
Optimizing Web Usability with Text Fragments
...
Evolved Exploits Call for AI-Driven ASRM + XDR
AI-driven insights for managing emerging threats and minimizing organizational risk...
What’s New for Developers: September 2024
...
Pointless May Not Be Harmless: The Story of a Login Page with a Blank Security Question
...
How Distributed Cloud Computing Meets Modern User Demand
...
How to Build a NAT Gateway in a VPC with Linode
...
CVE-2024-7862 Blog Introduction <= 0.3.0 - Settings Update via CSRF
The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...
CVE-2024-37339
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-37980
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38228
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38240
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38256
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38225
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38245
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
CVE-2024-38257
creationtimestamp | type | source
---|---|---
2024-09-10 17:25:32+00:00 | seen | https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...