65 matches found
EUVD-2025-145823
Malicious code in brandonjohnson npm...
Drupal Acquia DAM module < 1.1.5 - Unauthenticated Multiple Vulnerabilities vulnerability
Unauthenticated Multiple Vulnerabilities vulnerability discovered by Brandon Goodwin bgoodie in WordPress Module Acquia DAM versions < 1.1.5...
Akamai Wins Best Sales Leadership Development Program from Brandon Hall
Learn how Akamai's award-winning sales leadership development program transforms sales managers into impactful coaches, driving growth and performance...
CVE-2024-49609
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection. This issue affects Author Discussion: from n/a through <= 0.2.2...
The Trial at the Tip of the Terrorgram Iceberg
Atomwaffen Division cofounder and alleged Terrorgram Collective member Brandon Russell is facing a potential 20-year sentence for an alleged plot on a Baltimore electrical station. His case is only the beginning...
CVE-2024-49609 WordPress Author Discussion plugin <= 0.2.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection. This issue affects Author Discussion: from n/a through <= 0.2.2...
CVE-2024-49609
CVE-2024-49609 affects WordPress plugin Author Discussion (versions
CVE-2024-49625
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection. This issue affects SiteBuilder Dynamic Components: from n/a through 1.0...
PT-2024-33564 · Unknown · Brandon White Author Discussion
Name of the Vulnerable Software and Affected Versions: Brandon White Author Discussion versions 0.2.2 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command...
GHSA-G77X-44XX-532M Denial of Service condition in Next.js image optimization
Impact: The image optimization feature of Next.js contained a vulnerability which allowed for a potential Denial of Service (DoS) condition which could lead to excessive CPU consumption. Not affected: - The next.config.js file is configured with images.unoptimized set to true or images.loader set to...
Brandon Adkins’ Career Journey - Taking Chances and Tackling New Challenges
Brandon Adkins is the Manager of our Threat Intelligence & Detection Engineering TIDE team. His career journey spans a variety of roles and teams where he has been able to showcase his technical skills in security. Since joining Rapid7, he’s had experience as a Penetration Testing Consultant,...
WordPress MainWP Child Reports plugin <= 2.1.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Brandon Roldan (Patchstack Alliance) in WordPress Plugin MainWP Child Reports versions <= 2.1.1...
WordPress FameTheme Demo Importer plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Brandon Roldan (Patchstack Alliance) in WordPress Plugin FameTheme Demo Importer versions <= 1.1.5...
WordPress MainWP Child Reports Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: MainWP Child Reports; Type: Plugin; Vulnerable versions: <= 2.1.1; Fixed in: 2.2; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-33680; Patch priority: Low; CVSS severity: Low (5.4); Developer: Claim ownership; PSID: 2150654abae2; Credits: Brandon Roldan...
WordPress Giveaways and Contests by RafflePress Plugin <= 1.12.7 is vulnerable to Bypass Vulnerability
Software: Giveaways and Contests by RafflePress; Type: Plugin; Vulnerable versions: <= 1.12.7; Fixed in: 1.12.11; OWASP Top 10: A5: Security Misconfiguration; Classification: Bypass Vulnerability; CVE: CVE-2024-32827; Patch priority: Low; CVSS severity: Low (5.3); Developer: Claim ownership; PSID: 1c85afd440e3; Credits...
WordPress Zero Spam for WordPress plugin <= 5.5.6 - Bypass Spam Protection vulnerability
Bypass Spam Protection vulnerability discovered by Brandon Roldan (Patchstack Alliance) in WordPress Plugin Zero Spam versions <= 5.5.6...
WordPress WP Google Analytics Events – No-Code Custom Event Tracking for Google Analytics plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Brandon Roldan (Patchstack Alliance) in WordPress Plugin WP Google Analytics Events versions <= 2.8.0...
WordPress UsersWP plugin < 1.2.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Brandon Roldan (Patchstack Alliance) in WordPress Plugin UsersWP versions < 1.2.6...
WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Brandon Roldan (Patchstack Alliance) in WordPress Plugin Simple Post Notes versions <= 1.7.6...