CVE-2023-4243
The FULL - Customer plugin for WordPress is vulnerable to Arbitrary File Upload via the /install-plugin REST route in versions up to, and including, 2.2.3 due to improper authorization. This allows authenticated attackers with subscriber-level permissions and above to execute code by installing...
EUVD-2025-27247
Malicious code in bioql PyPI...
CVE-2025-9161
A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization. This flaw enables the loading of remote Mosquitto plugins, which can be used to achieve remote code execution...
CVE-2025-9161
CVE-2025-9161 affects the FactoryTalk Optix MQTT broker. The vulnerability stems from insufficient URI sanitization, which allows loading of remote Mosquitto plugins and can lead to remote code execution. Documented impact is remote code execution; exploitation details are not provided in the supp...
PT-2025-36730
Name of the Vulnerable Software and Affected Versions: FactoryTalk Optix affected versions not specified
Description: A security issue exists in FactoryTalk Optix MQTT broker due to insufficient URI sanitization. This flaw allows the loading of remote Mosquitto plugins, potentially leading to remo...
PT-2023-28336 · WordPress · Full - Customer
Name of the Vulnerable Software and Affected Versions: The FULL - Customer plugin for WordPress versions up to, and including, 2.2.3
Description: The issue allows authenticated attackers with subscriber-level permissions and above to execute code by installing plugins from arbitrary remote...
Adaptable, All-in-One Android Trojan Shows the Future of Malware
A new Android trojan, dubbed “GPlayed”, has been identified by Cisco Talos researchers, who said the malware is extremely dangerous and could herald a new and very dangerous age for malicious code. The trojan has all of the capabilities of a banking trojan as well as...