Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005052 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when...

CVE-2025-1314

The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. This is due to missing or incorrect nonce validation on the ctfclearcacheadmin function. This makes it possible for...

CVE-2025-1314 Custom Twitter Feeds <= 2.2.5 - Cross-Site Request Forgery to Cache Reset via ctf_clear_cache_admin Function

The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. This is due to missing or incorrect nonce validation on the ctfclearcacheadmin function. This makes it possible for...

CVE-2025-1314 Custom Twitter Feeds <= 2.2.5 - Cross-Site Request Forgery to Cache Reset via ctf_clear_cache_admin Function

The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. This is due to missing or incorrect nonce validation on the ctfclearcacheadmin function. This makes it possible for...

WordPress Custom Twitter Feeds plugin <= 2.2.5 - Cross-Site Request Forgery to Cache Reset via ctf_clear_cache_admin Function vulnerability

Cross-Site Request Forgery to Cache Reset via ctfclearcacheadmin Function vulnerability discovered by Kévin Mosbahi Mika in WordPress Plugin Custom Twitter Feeds Tweets Widget versions = 2.2.5...

WordPress Linear plugin <= 2.8.1 - Cross-Site Request Forgery to Cache Reset vulnerability

Cross-Site Request Forgery to Cache Reset vulnerability discovered by Dhabaleshwar Das in WordPress Plugin Linear versions = 2.8.1...

CVE-2024-13709

CVE-2024-13709 : The Linear WordPress plugin (versions up to 2.8.1) is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the ‘linear-debug’ feature. This can allow unauthenticated attackers to reset the plugin cache by tricking a site administrator into performing a forg...

CVE-2024-13709 Linear <= 2.8.1 - Cross-Site Request Forgery to Cache Reset

The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on the 'linear-debug'. This makes it possible for unauthenticated attackers to reset the plugin's cache via a forged reques...

CVE-2024-13709 Linear <= 2.8.1 - Cross-Site Request Forgery to Cache Reset

The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on the 'linear-debug'. This makes it possible for unauthenticated attackers to reset the plugin's cache via a forged reques...

PT-2025-2253 · WordPress · Linear

Name of the Vulnerable Software and Affected Versions: Linear plugin for WordPress versions up to, and including, 2.8.1 Description: The issue is due to missing or incorrect nonce validation on the linear-debug feature, making it possible for unauthenticated attackers to reset the plugin's cache...

UBUNTU-CVE-2024-36971

In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when sk-dstcache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk-skdstcache, then call dstreleaseolddst. Note...