42 matches found
EUVD-2025-25289
Malicious code in bioql PyPI...
CVE-2025-49413
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through = 7.6...
CVE-2025-49413
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through = 7.6...
CVE-2025-49413
CVE-2025-49413 affects the WordPress plugin “Super Store Finder” (WP plugin by highwarden) versions up to and including 7.6. It is a reflected XSS caused by improper neutralization of input during web page generation. The CVSS 3.1 base vector indicates Network attack, no privileges required, user...
CVE-2025-49413 WordPress Super Store Finder Plugin <= 7.6 - Reflected Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through = 7.6...
WordPress plugin Terms of Service & Privacy Policy Generator Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Term...
PT-2025-33948 · Unknown · Wishloop Terms Of Service & Privacy Policy Generator
Name of the Vulnerable Software and Affected Versions: Wishloop Terms of Service & Privacy Policy Generator versions through 1.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Stored Cross-site Scripting XSS. This allows for the...
WordPress Terms of Service & Privacy Policy Generator plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Terms of Service & Privacy Policy Generator versions = 1.0...
Linux Distros Unpatched Vulnerability : CVE-2018-1000875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutabl...
Adobe clarifies Terms of Service change, says it doesn’t train AI on customer content
Following days of user pushback that included allegations of forcing a "spyware-like" Terms of Service ToS update into its products, design software giant Adobe explained itself with several clarifications. Apparently, the concerns raised by the community, especially among Photoshop and Substance...
YouTube shows ads for ad blocker, financial scams
After performing local experiments for a few months, YouTube recently expanded its effort to block ad blockers. The move was immediately unpopular with some users, and raised some questions in Europe about whether it was breaking privacy laws. In addition, there are some still some fundamental...
Zoom clarifies user consent requirement when training its AI
Changes in the terms of service TOS of the Zoom video-conferencing software have caused some turmoil. Since the pandemic, Zoom Video Conferencing has become a household name. Zoom came up as the big winner in the video conferencing struggle that enabled us to work from home. Now that things are...
WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws
The Irish Data Protection Commission DPC on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was imposed in...
WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws
The Irish Data Protection Commission DPC on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was imposed in...
KMSpico explained: No, KMS is not "kill Microsoft"
Thanks to Pieter Arntz and the Threat Intelligence Team who contributed to the research. A hack tool is a program that allows users to activate software even without a legitimate, purchased key. Hack tools are often used to root devices in order to among others remove barriers that stop users fro...
Acronis: No server side check on terms of service page which leads to bypass
Hi team, I have found that there is no server side check implemented on the "Acronis Terms of Service and Privacy Statement" Page that is shown after filling the registration form which results in bypassing it without even accepting it. Steps To Reproduce: 1. Register as a new user by filling out...
A Texas Abortion ‘Whistleblower’ Site Still Can't Find a Host
Even the most extreme internet infrastructure providers have turned their backs on the website for violating their terms of service...
Office 365 OAuth Attack Targets Coinbase Users
Office 365 users are receiving emails purporting to come from cryptocurrency platform Coinbase, which ask them to download updated Terms of Service via an OAuth consent app. But when they agree to do so, users are unknowingly giving attackers full access to their email. OAuth is an open standard...
TikTok collected MAC addresses for Android phones against Google’s ToS
By Zara Khan TikTok also collected unique identifiers and sent them to Byte Dance, its parent company. This is a post from HackRead.com Read the original post: TikTok collected MAC addresses for Android phones against Googles ToS...
Cloud data protection: how to secure what you store in the cloud
The cloud has become the standard for data storage. Just a few years ago, individuals and businesses pondered whether or not they should move to the cloud. This is now a question of the past. Today, the question isn't whether to adopt cloud storage but rather how. Despite its rapid pace of...