40407 matches found
WordPress WP Content Protection Plugin <= 1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery (CSRF) Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Content Protection versions <= 1.3...
CVE-2025-58670 WordPress WP Content Protection Plugin <= 1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection wp-content-protection allows Stored XSS. This issue affects WP Content Protection: from n/a through <= 1.3...
CVE-2025-58670
CVE-2025-58670 describes a CSRF vulnerability in the WP Content Protection plugin (author: Shankaranand Maurya) that allows Stored XSS. Affected range is listed as n/a through 1.3. The included metrics show CVSS v3.1 base score 7.1 (HIGH) with attack vector Network, attack complexity Low, privile...
CVE-2025-58670 WordPress WP Content Protection Plugin <= 1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Shankaranand Maurya WP Content Protection wp-content-protection allows Stored XSS. This issue affects WP Content Protection: from n/a through <= 1.3...
WordPress plugin WP Content Protection Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...
PT-2025-38959
Name of the Vulnerable Software and Affected Versions: WP Content Protection versions through 1.3. Description: A Cross-Site Request Forgery (CSRF) issue exists in Shankaranand Maurya WP Content Protection, which also allows Stored Cross-Site Scripting (XSS). The issue allows for potential malicious...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
🚀 CVE-2025-32463 - Secure Your System from Privilege Escalatio...
SUSE CVE-2025-39837
In the Linux kernel, the following vulnerability has been resolved: platform/x86: asus-wmi: Fix racy registrations asus_wmi_register_driver() may be called from multiple drivers concurrently, which can lead to the racy list operations, eventually corrupting the memory and hitting Oops on some ASUS...
CVE-2025-39860
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() syzbot reported the splat below without a repro. In the splat, a single thread calling bt_accept_dequeue() freed sk and touched it after that. The root cause would be the racy...
CVE-2025-39841 scsi: lpfc: Fix buffer free/clear order in deferred receive path
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the...
CVE-2025-39837 platform/x86: asus-wmi: Fix racy registrations
In the Linux kernel, the following vulnerability has been resolved: platform/x86: asus-wmi: Fix racy registrations asus_wmi_register_driver() may be called from multiple drivers concurrently, which can lead to the racy list operations, eventually corrupting the memory and hitting Oops on some ASUS...
OESA-2025-2300 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability ma...
PT-2025-38544
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The asus_wmi_register_driver function may be called concurrently from multiple drivers, leading to race conditions in list operations that can corrupt memory and cause system instability...
CVE-2023-53445 net: qrtr: Fix a refcount bug in qrtr_recvmsg()
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtr_recvmsg() Syzbot reported a bug as following: refcount_t: addition on 0; use-after-free. ... RIP: 0010:refcount_warn_saturate+0x17c/0x1f0 lib/refcount.c:25 ... Call Trace: refcountadd...
DEBIAN-CVE-2023-53372
In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctp_ifwdtsn_skip Currently, when traversing ifwdtsn skips with sctp_walk_ifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be < sizeof(struct...
DEBIAN-CVE-2022-50398
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomic_check to bridge ops DRM commit_tails() will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc->active is set before pushing a new frame downstream. There is a rare case that user...
CVE-2023-53398
The CVE-2023-53398 entry describes a Linux kernel vulnerability in the mlx5 driver where fifo pop operations did not validate indices, enabling a potential use-after-free when popping from an empty queue during resync. The root cause was out-of-order CQEs that could drain the FIFO, allowing a SKB...
CVE-2022-50398 drm/msm/dp: add atomic_check to bridge ops
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomic_check to bridge ops DRM commit_tails() will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc->active is set before pushing a new frame downstream. There is a rare case that user...
CVE-2022-50398
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomic_check to bridge ops DRM commit_tails() will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc->active is set before pushing a new frame downstream. There is a rare case that user...
Scaling API Security Without the Complexity: Lessons from Early Adopters
APIs are a blessing and a curse. They’re the backbone of the modern internet. They also expose complex behaviors that are often poorly documented, stitched together across legacy and cloud systems, and updated faster than security teams can review. Three key groups typically shoulder the burden o...