6279 matches found
CVE-2025-12196
creationtimestamp| type| source ---|---|--- 2025-12-04 22:08:05+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115663574444372667 2025-12-04 22:45:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m772fe6d7u2q...
CVE-2025-13940
creationtimestamp| type| source ---|---|--- 2025-12-04 22:08:05+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115663574444372667 2025-12-04 22:54:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m772vy6s3i2k...
CVE-2025-12782
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-12782 Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-12782 Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-12782
Beaver Builder – WordPress Page Builder (Beaver Builder Lite) is affected by CVE-2025-12782 due to an authorization bypass in the disable() path that fails to properly verify user permissions. The issue affects all versions up to 2.9.4, enabling authenticated users with at least Contributor acces...
PT-2025-49006
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.9.4. This is due to the plugin not properly verifying a user's authorization in the disable function. This makes it possible for authenticated attackers,...
CVE-2025-66293
creationtimestamp| type| source ---|---|--- 2025-12-03 20:00:03+00:00| seen| https://seclists.org/oss-sec/2025/q4/233 2025-12-03 20:11:40+00:00| seen| https://seclists.org/oss-sec/2025/q4/234 2025-12-03 20:37:25+00:00| seen| https://seclists.org/oss-sec/2025/q4/235 2025-12-03 21:35:09+00:00| seen...
CVE-2025-66478
creationtimestamp| type| source ---|---|--- 2025-12-03 16:25:30+00:00| seen| https://bsky.app/profile/weld.bsky.social/post/3m73uolv7hs2r 2025-12-03 16:25:31+00:00| seen| https://bsky.app/profile/weld.bsky.social/post/3m73uolvfdc2r 2025-12-03 16:25:31+00:00| seen|...
CVE-2025-55182
creationtimestamp| type| source ---|---|--- 2025-12-03 15:45:15+00:00| seen| https://bsky.app/profile/react.dev/post/3m73sgkikuc2h 2025-12-03 15:55:55+00:00| seen| https://mstdn.social/users/jschauma/statuses/115656448649390437 2025-12-03 15:56:22+00:00| seen|...
CVE-2025-11839
creationtimestamp| type| source ---|---|--- 2025-12-03 08:49:36+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7337fhsto2g 2025-12-03 08:49:37+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7337gevib2b...
CVE-2025-48631
creationtimestamp| type| source ---|---|--- 2025-12-02 11:03:43+00:00| seen| https://bsky.app/profile/securityrss.bsky.social/post/3m6ysabxve527 2025-12-02 11:23:04+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3m6ytc4pph22v 2025-12-02 11:23:05+00:00| seen|...
PT-2025-48641
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.19. This is due to missing or incorrect nonce validation on the parseData function. This makes it possible for unauthenticated attackers...
WordPress plugin Export All Posts 跨站请求伪造漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is ...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 143 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 143.0.7499.40 Linux 143.0.7499.40/41 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...
CVE-2024-51999
creationtimestamp| type| source ---|---|--- 2025-12-01 16:37:07+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3m6wufigsy22l 2025-12-01 16:38:20+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3m6wuhn4oz22l 2025-12-02 10:50:09+00:00| seen|...
CVE-2025-12106
creationtimestamp| type| source ---|---|--- 2025-12-01 15:16:35+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115644969440260097 2025-12-01 15:19:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6wq2dk75f2n 2025-12-02 12:33:12+00:00| seen|...
CVE-2025-13771
creationtimestamp| type| source ---|---|--- 2025-11-28 10:03:00+00:00| seen| https://infosec.exchange/users/offseq/statuses/115626749410261118 2025-11-28 10:03:02+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m6omy3254v26 2025-11-28 11:04:14+00:00| seen|...
Identification of Malicious Posts on the Dark Web Using Supervised Machine Learning
Given the constant growth and increasing sophistication of cyberattacks, cybersecurity can no longer rely solely on traditional defense techniques and tools. Proactive detection of cyber threats has become essential to help security teams identify potential risks and implement effective mitigatio...
CVE-2025-12525
The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockercosubmitpost' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin...