4666 matches found

CNNVD
added 2025/01/24 12:0 a.m. · 2 views

WordPress plugin GDPR CCPA Compliance Support security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

8.8 CVSS · 8 AI score · 0.00461 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/01/24 12:0 a.m. · 2 views

PT-2025-5428 · Ninja Team · Ninjateam Gdpr Ccpa Compliance Support

Name of the Vulnerable Software and Affected Versions: NinjaTeam GDPR CCPA Compliance Support versions 2.7.1 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For...

8.8 CVSS · 6.9 AI score · 0.00461 EPSS
Exploits 0 · References 4
BDU FSTEC
added 2025/01/22 12:0 a.m. · 3 views

The vulnerability of the Windows operating system’s Network Authentication Protocol NTLM implementation allows a perpetrator to compromise the confidentiality of protected information.

The vulnerability of the Windows operating system’s Network Authentication Protocol NTLM implementation is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality of the protected information...

7.8 CVSS · 7.7 AI score · 0.01878 EPSS
Exploits 0 · References 2
BDU FSTEC
added 2025/01/22 12:0 a.m. · 2 views

The vulnerability of the Secure Boot Security component of the Windows operating system, which allows a hacker to circumvent security restrictions

The vulnerability of the Secure Boot Security component of the Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...

7.2 CVSS · 7.7 AI score · 0.00757 EPSS
Exploits 0 · References 2
BDU FSTEC
added 2025/01/22 12:0 a.m. · 1 views

The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the BitLocker component of the Windows operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

4.2 CVSS · 7.7 AI score · 0.00699 EPSS
Exploits 0 · References 2
BDU FSTEC
added 2025/01/21 12:0 a.m. · 4 views

The vulnerability of the LibreOffice office software package, related to insufficient protection of sensitive data, allows a perpetrator to disclose confidential information.

The vulnerability of the LibreOffice office software package is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to disclose confidential information...

5.5 CVSS · 6 AI score · 0.00451 EPSS
Exploits 0 · References 8 · Affected Software 4
Wallarm Lab
added 2025/01/20 7:7 a.m. · 14 views

Considerations for Selecting the Best API Authentication Option

Implementing API authentication is one of the most critical stages of API design and development. Properly implemented authentication protects data, user privacy, and other resources while streamlining compliance, preventing fraud, and establishing accountability. In fact, broken authentication i...

7.4 AI score
Exploits 0
BDU FSTEC
added 2025/01/20 12:0 a.m. · 1 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this mechanism.

The vulnerability of the Kerberos protocol for Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

5.9 CVSS · 7.7 AI score · 0.01586 EPSS
Exploits 0 · References 2
The Hacker News
added 2025/01/17 10:21 a.m. · 7 views

How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?

Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with...

7.2 AI score
Exploits 0
The Hacker News
added 2025/01/17 4:14 a.m. · 6 views

European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an...

7 AI score
Exploits 0
BDU FSTEC
added 2025/01/17 12:0 a.m. · 2 views

The vulnerability of the Windows operating system’s kernel allows attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

5.5 CVSS · 7.7 AI score · 0.00912 EPSS
Exploits 0 · References 3
BDU FSTEC
added 2025/01/17 12:0 a.m. · 1 views

The vulnerability of Themes components in Windows operating systems, which allows attackers to perform spoofing attacks

The vulnerability of Themes component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

7.8 CVSS · 8 AI score · 0.02128 EPSS
Exploits 0 · References 3
Patchstack
added 2025/01/16 6:42 p.m. · 1 views

WordPress EU DSGVO Helper Plugin <= 1.0.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin EU DSGVO Helper versions <= 1.0.6.1...

7.1 CVSS · 6.1 AI score · 0.00277 EPSS
Exploits 0 · Affected Software 1
BDU FSTEC
added 2025/01/16 12:0 a.m. · 2 views

The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5 CVSS · 5.5 AI score · 0.00166 EPSS
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2025/01/16 12:0 a.m. · 1 views

WordPress plugin Cookie Consent & Autoblock for GDPR/CCPA cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

7.1 CVSS · 8.3 AI score · 0.00195 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/01/16 12:0 a.m. · 2 views

PT-2025-4909 · Unknown · Sprucejoy Cookie Consent & Autoblock For Gdpr/Ccpa

Name of the Vulnerable Software and Affected Versions: SpruceJoy Cookie Consent & Autoblock for GDPR/CCPA versions 1.0.1 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended...

7.1 CVSS · 9.1 AI score · 0.00195 EPSS
Exploits 0 · References 3
BDU FSTEC
added 2025/01/14 12:0 a.m. · 4 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of strictly encrypted accounting data. This allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the use of rigidly encrypted account data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized acces...

6.8 CVSS · 5.5 AI score · 0.0049 EPSS
Exploits 0 · References 2 · Affected Software 2
BDU FSTEC
added 2025/01/14 12:0 a.m. · 2 views

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in improper verification of certificates. This allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller is related to improper verification of certificates. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized...

8.5 CVSS · 5.5 AI score · 0.0025 EPSS
Exploits 0 · References 3 · Affected Software 2
Positive Technologies
added 2025/01/14 12:0 a.m. · 2 views

PT-2025-1215 · Microsoft · Windows Bitlocker +1

Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: The issue is related to insufficient protection of system data in the BitLocker component of the Windows operating system. Exploitation of this issue may allow an attacker to...

4.2 CVSS · 9.1 AI score · 0.00699 EPSS
Exploits 0 · References 7
Redos
added 2025/01/13 12:0 a.m. · 15 views

ROS-20250113-02

Vulnerability of sessionuser function in fs/ksmbd/smb2pdu.c module of KSMBD file system of Linux kernel is related to reading data outside the allocated buffer. Linux kernel file system KSMBD is related to reading data outside the allocated buffer. Exploitation of the vulnerability could allow an...

9.8 CVSS · 7.3 AI score · 0.02975 EPSS
Exploits 0