39 matches found
CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
CVE-2026-8878 CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
EUVD-2026-34163
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
CVE-2026-8878 CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...
PT-2026-46050
Name of the Vulnerable Software and Affected Versions Securly Chrome Extension version 3.0.7 Description Multiple publicly accessible endpoints allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes a cryptographic hash function that produces a 160-bit...
EUVD-2011-1510
Malware in sbrugna...
WordPress Flag Icons plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso in WordPress Plugin Flag Icons versions = 2.2...
WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Keep Backup Daily versions = 2.1.0...
WordPress Import and export users and customers plugin 1.27.12 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.27.12...
WordPress Hyve Lite plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso in WordPress Plugin AI Chatbot for WordPress – Hyve Lite versions = 1.2.2...
WordPress Slides & Presentations Plugin <= 0.0.39 - Content Injection vulnerability
Content Injection vulnerability discovered by Caesar Evan Santoso in WordPress Plugin Slides & Presentations versions = 0.0.39...
WordPress Content Blocks Builder plugin <= 2.7.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Content Blocks Builder versions = 2.7.6...
WordPress Slides & Presentations Plugin <= 0.0.39 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Slides & Presentations versions = 0.0.39...
WordPress Slides & Presentations Plugin <= 0.0.39 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Slides & Presentations versions = 0.0.39...
WordPress Virtual Bot Plugin <= 1.0.0 - CSRF Cross Site Scripting (XSS) vulnerability
CSRF Cross Site Scripting XSS vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Virtual Bot versions = 1.0.0...
WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Virtual Bot versions = 1.0.0...
New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites
Multiple content management system CMS platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment...
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!
A proof-of-concept User-Defined Reflective Loader UDRL which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor | Twitter | Notable Contributions ---|---|--- Bobby Cooke | @0xBoku | Project original author and maintainer Santiago Pecin | @s4ntiago...