Lucene search
K

144521 matches found

Malwarebytes
Malwarebytes
added 2026/01/26 2:28 p.m.7 views

Get paid to scroll TikTok? The data trade behind Freecash ads

Loyal readers and other privacy-conscious people will be familiar with the expression, “If it’s too good to be true, it’s probably false.” Getting paid handsomely to scroll social media definitely falls into that category. It sounds like an easy side hustle, which usually means there’s a catch. I...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/24 3:18 p.m.5 views

CVE-2026-24581

Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...

5.4CVSS5.4AI score0.00209EPSS
Exploits0References1
Wordfence Blog
Wordfence Blog
added 2026/01/23 3:29 p.m.14 views

Wordfence Bug Bounty Program Monthly Report – December 2025

Last month in December 2025, the Wordfence Bug Bounty Program received 759 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfen...

6.8AI score
Exploits0
NVD
NVD
added 2026/01/23 3:16 p.m.4 views

CVE-2026-24581

Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...

5.4CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 2:28 p.m.11 views

CVE-2026-24581

CVE-2026-24581 is a Missing Authorization / Broken Access Control vulnerability affecting the WordPress plugin Points and Rewards for WooCommerce (versions up to and including 2.9.5). The issue enables access-control bypass due to misconfigured permission checks, as reported in multiple sources (...

5.4CVSS5.4AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:28 p.m.3 views

CVE-2026-24581 WordPress Points and Rewards for WooCommerce plugin <= 2.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...

5.4CVSS5.9AI score0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:28 p.m.33 views

CVE-2026-24581 WordPress Points and Rewards for WooCommerce plugin <= 2.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Swings Points and Rewards for WooCommerce points-and-rewards-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Points and Rewards for WooCommerce: from n/a through = 2.9.5...

5.4CVSS0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.5 views

PT-2026-4420

Name of the Vulnerable Software and Affected Versions WP Swings Points and Rewards for WooCommerce versions through 2.9.5 Description An authorization issue exists in WP Swings Points and Rewards for WooCommerce, allowing exploitation due to incorrectly configured access control security levels...

5.3AI score0.00209EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.8 views

WordPress plugin Points and Rewards for WooCommerce has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.4CVSS5.8AI score0.00209EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/19 7:28 p.m.9 views

WordPress Points and Rewards for WooCommerce plugin <= 2.9.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rapid0nion in WordPress Plugin Points and Rewards for WooCommerce versions = 2.9.5...

5.4CVSS5.4AI score0.00209EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-1155

CVE-2025-22189 - Adobe Flash Player Unvalidated Redirects and Rewards URR CVE ID : CVE-2025-22189 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...

7AI score
Exploits0References1
OSV
OSV
added 2025/12/15 7:37 p.m.6 views

GO-2025-4214 Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond in github.com/babylonlabs-io/babylon

Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond in github.com/babylonlabs-io/babylon...

6.9AI score
Exploits0References2
EUVD
EUVD
added 2025/12/09 2:25 p.m.6 views

EUVD-2025-201932

Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond...

6.4AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/09 2:25 p.m.5 views

Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond

Summary A state consistency bug in x/costaking can leave a BTC delegator with non-zero ActiveSatoshis Phatom Stake even after they have fully unbonded their BTC delegation, if their Finality Provider FP drops out of the active set in the exact same babylon block height. This creates a “phantom...

6.9AI score
Exploits0References3Affected Software4
Krebs on Security
Krebs on Security
added 2025/12/04 11:2 p.m.9 views

SMS Phishers Pivot to Points, Taxes, Fake Retailers

China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites that convert customer payment...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/11/24 5:36 p.m.6 views

Black Friday scammers offer fake gifts from big-name brands to empty bank accounts

Black Friday is supposed to be chaotic, sure, but not this chaotic. While monitoring malvertising patterns ahead of the holiday rush, I uncovered one of the most widespread and polished Black Friday scam campaigns circulating online right now. It’s not a niche problem. Our own research shows that...

6.5AI score
Exploits0
CNVD
CNVD
added 2025/11/18 12:0 a.m.3 views

WordPress WooCommerce Ultimate Points And Rewards plugin Information Disclosure Vulnerability

WordPress WooCommerce Ultimate Points And Rewards plugin is a points and rewards management tool designed for WooCommerce, which awards points through customer behavior e.g., purchases, registrations, comments, etc. and supports redemption of discounts, coupons or free products, aiming to increas...

4.3CVSS6.3AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/14 10:11 a.m.10 views

CVE-2025-64267

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through...

4.3CVSS6.9AI score0.00187EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 12:31 p.m.5 views

EUVD-2025-163779

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through...

4.3CVSS6.3AI score0.00187EPSS
Exploits0References2
NVD
NVD
added 2025/11/13 10:15 a.m.4 views

CVE-2025-64267

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through...

4.3CVSS0.00187EPSS
Exploits0References1
Rows per page
Query Builder