4665 matches found
WordPress Plugin SurveyFunnel - Survey Plugin for WordPress Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in SurveyFunnel - Survey Plugin for WordPress...
EUVD-2025-202092
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Humanityco Cookie Notice & Compliance for GDPR / CCPA cookie-notice allows Stored XSS.This issue affects Cookie Notice & Compliance for GDPR / CCPA: from n/a through = 2.5.8...
CVE-2025-67554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Humanityco Cookie Notice & Compliance for GDPR / CCPA cookie-notice allows Stored XSS.This issue affects Cookie Notice & Compliance for GDPR / CCPA: from n/a through = 2.5.8...
CVE-2025-67554 WordPress Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.5.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Humanityco Cookie Notice & Compliance for GDPR / CCPA cookie-notice allows Stored XSS.This issue affects Cookie Notice & Compliance for GDPR / CCPA: from n/a through = 2.5.8...
CVE-2025-67554
Summary: CVE-2025-67554 is a stored XSS vulnerability in the WordPress plugin
Security Bulletin: IBM Guardium Data Protection is affected by a Apache/Tomcat Vulnerabilities related to cxf-core-3.5.10.jar vulnerability (CVE-2025-48913)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-48913 DESCRIPTION: If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilitie...
Vulnerabilities identified in PCIe Integrity and Data Encryption (IDE) protocol specification
Overview PCI Express Integrity and Data Encryption PCIe IDE, introduced in the PCIe 6.0 standard, provides link-level encryption and integrity protection for data transferred across PCIe connections. Several issues were identified in the IDE specification that could allow an attacker with local...
ROS-20251124-14
A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...
CVE-2025-66075
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...
WordPress plugin Cookie Notice & Compliance for GDPR / CCPA 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...
PT-2025-47747
Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.3...
Ambient and autonomous security for the agentic era
Over the past year, I've had countless conversations with customers who are striving to unlock human ambition with AI. They are on their journey to become Frontier Firms, where humans and agents push the boundaries of innovation and create new possibilities, empowering humans to become limitless...
MGASA-2025-0273 Updated unbound packages fix security vulnerability
Several multi-vendor cache poisoning vulnerabilities have been discovered in caching resolvers for non-DNSSEC protected data. Unbound is vulnerable for some of these cases that could lead to domain hijacking CVE-2025-11411...
WordPress Plugin FunnelKit Automations Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin FunnelKit Automations,...
WordPress Plugin KiotViet Sync Information Disclosure Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin KiotViet Sync, which ste...
ROS-20251111-07
A vulnerability in the Downloads component of the Google Chrome and Microsoft Edge browsers is related to a false representation of critical information by the user interface. presentation of critical information by the user interface. Exploitation of the vulnerability could Allow an attacker...
Advisory ROSA-SA-2025-3058
Software: libxslt 1.1.32 OS: ROSA Virtualization 3.1 unaffected versions = libxslt-1.1.32-6.3.rv31 affected versions libxslt-1.1.32-6.3.rv31 CVE-ID: CVE-2023-40403 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libxslt library of the iPadOS, tvOS, iOS, watchOS, macOS operating system is...
Singling out People without Knowing Their Names - Behavioural Targeting, Pseudonymous Data, and the New Data Protection Regulation
Information about millions of people is collected for behavioural targeting, a type of marketing that involves tracking people's online behaviour for targeted advertising. It is hotly debated whether data protection law applies to behavioural targeting. Many behavioural targeting companies say...
WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 4.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.0.3...
How to Protect Personal Data in Today’s API Economy
...