Lucene search
+L

18183 matches found

ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.18 views

PT-2026-49231

Name of the Vulnerable Software and Affected Versions Cornerstone versions prior to 7.8.8 Description A flaw allows a user with subscriber privileges to achieve arbitrary code execution, which is the ability to run unauthorized commands or code on the host system. Recommendations Update to versio...

8.5CVSS5.6AI score0.00371EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.20 views

PT-2026-49232

Name of the Vulnerable Software and Affected Versions GPTranslate – Multilingual AI Translation for WordPress versions prior to 2.32.7 Description An unauthenticated SQL Injection exists in the GPTranslate plugin for WordPress. This allows an attacker to execute arbitrary SQL queries on the...

9.3CVSS6.1AI score0.00289EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.21 views

PT-2026-49187

Name of the Vulnerable Software and Affected Versions OttoKit versions prior to 1.1.28 Description Unauthenticated PHP Object Injection occurs in the software. PHP Object Injection is a vulnerability that allows an attacker to pass malicious serialized objects into the application, which can lead...

9.8CVSS6AI score0.00383EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.12 views

PT-2026-49116

Name of the Vulnerable Software and Affected Versions Shared Files versions prior to 1.7.65 Description An unauthenticated path traversal issue exists, allowing an attacker to access files and directories outside the intended folder on the server. Recommendations Update to a version newer than...

7.5CVSS5.2AI score0.00326EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.17 views

PT-2026-49141

Name of the Vulnerable Software and Affected Versions LatePoint versions prior to 5.5.2 Description A privilege escalation issue exists where users with Contributor roles can gain higher privileges. Recommendations Update to version 5.5.2 or later...

7.5CVSS5.2AI score0.00287EPSS
Exploits2References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.16 views

PT-2026-49140

Name of the Vulnerable Software and Affected Versions Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & Chat Buttons versions prior to 1.4.9 Description An issue exists that leads to the exposure of sensitive subscriber data. Recommendations Update to a version...

7.4CVSS5.2AI score0.00264EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.12 views

PT-2026-49142

Name of the Vulnerable Software and Affected Versions WP User Manager versions prior to 2.9.17 Description A flaw allows a user with Subscriber privileges to perform arbitrary file deletion. Recommendations Update to a version newer than 2.9.16...

9.9CVSS5.4AI score0.00506EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.11 views

PT-2026-49107

Name of the Vulnerable Software and Affected Versions WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms versions prior to 1.1.5 Description An unauthenticated PHP Object Injection issue exists in the plugin. PHP Object Injection occurs when user-supplied input is...

9.8CVSS5.8AI score0.00476EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.14 views

PT-2026-49115

Name of the Vulnerable Software and Affected Versions Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms versions prior to 1.2.2 Description An unauthenticated PHP Object Injection issue exists in the software. PHP Object Injection occurs when...

9.8CVSS5.8AI score0.00476EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.14 views

PT-2026-49117

Name of the Vulnerable Software and Affected Versions Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms versions prior to 1.1.2 Description An unauthenticated PHP Object Injection issue exists in the software. PHP Object Injection occurs when user-supplied input i...

9.8CVSS5.8AI score0.00476EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.14 views

PT-2026-49169

Name of the Vulnerable Software and Affected Versions WP Travel Engine versions prior to 6.7.11 Description An unauthenticated issue exists in the WP Travel Engine plugin that allows for an unspecified vulnerability type to be exploited without requiring user authentication. Recommendations Updat...

7.5CVSS5.2AI score0.00252EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.15 views

PT-2026-49139

Name of the Vulnerable Software and Affected Versions JetSearch versions prior to 3.5.18 Description An unauthenticated SQL Injection allows an attacker to interfere with the queries that an application makes to its database. This occurs in the JetSearch WordPress plugin. Recommendations Update t...

9.3CVSS5.6AI score0.00346EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/06/14 12:0 a.m.15 views

PT-2026-49143

Name of the Vulnerable Software and Affected Versions WP Go Maps versions prior to 10.0.10 Description The plugin fails to properly enforce the marker approval filter on the admin-ajax fallback for its datatables route. This allows unauthenticated visitors to retrieve marker records that the site...

5.2AI score0.00192EPSS
Exploits0References3
ossf
ossf
added 2026/06/13 7:7 a.m.18 views

Malicious code in class-synth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa63407d7400b4819d0739dedad0a32d9ae29b18509693c2e8763cf30275271 class-synth is advertised as a small class/style/date utility library, but its main entry dist/index.js contains a hidden top-level async IIFE init...

6.1AI score
Exploits0References11
thn
thn
added 2026/06/11 1:26 p.m.17 views

Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories

Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories. The reason is simple. Cybersecurity is full of work that deserves recognition and rarely gets it. Products that...

5.7AI score
Exploits0
packetstormnews
packetstormnews
added 2026/06/11 12:0 a.m.8 views

The Emergence of Autonomous Penetration Capabilities in Large Language Model-Powered AI Systems

Nowadays, the autonomous execution of cyberattacks capable of causing substantial real-world harm is widely regarded as one of the critical red lines that frontier AI systems must not cross. Within this broader red-line scenario, autonomous penetration represents a core enabling capability and...

5.8AI score
Exploits0
wired
wired
added 2026/06/10 8:55 p.m.8 views

CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats

“Defenders cannot afford to take weeks to patch,” one Cybersecurity and Infrastructure Security Agency official warned on Wednesday...

5.5AI score
Exploits0
packetstormnews
packetstormnews
added 2026/06/10 12:0 a.m.12 views

Bridging the Smart City Cybersecurity Data Gap through AI-Driven Synthetic Dataset Generation

Smart cities rely on interconnected cyber-physical systems that integrate sensors, IoT devices, cloud platforms, and AI-driven services and decision-making. While these systems enhance city services, they also introduce complex cybersecurity challenges due to their large attack surfaces,...

5.4AI score
Exploits0
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.21 views

Microsoft Azure Stack Edge 跨站脚本漏洞

Microsoft Azure Stack Edge is a Azure-hosted device by Microsoft that integrates Azure computing, storage, and intelligent features at the edge. Microsoft Azure Stack Edge has a cross-site scripting vulnerability. Attackers can exploit this vulnerability to perform phishing attacks...

8.4CVSS5AI score0.00814EPSS
Exploits0References2
qualysblog
qualysblog
added 2026/06/05 12:30 p.m.21 views

Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing

The cybersecurity industry has spent much of the last two years debating how attackers might use AI. That debate matters, but it misses a larger point: defenders now have an opportunity to change the economics of cyber risk. For me, the question is not whether AI will influence cybersecurity. It...

5.6AI score
Exploits0
Rows per page
Query Builder