WordPress eForm - WordPress Form Builder < 4.19.1 - Cross Site Scripting (XSS) Vulnerability

WordPress eForm - WordPress Form Builder 4.19.1 - Cross Site Scripting XSS Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin eForm - WordPress Form Builder versions 4.19.1...

WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability

Subscriber+ Privilege Escalation vulnerability discovered by Dave Jong Patchstack in WordPress Theme wProject versions 5.8.0...

Malicious code in dave-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5c5e4c9469fec2d35256dcb0afcf57d63e6cfcf6ef685cf0f916f05cedc34c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3131 Malicious code in dave-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5c5e4c9469fec2d35256dcb0afcf57d63e6cfcf6ef685cf0f916f05cedc34c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

A Bootiful Podcast: Dr. Dave Syer on the new and nifty Spring gRPC project

Hi, Spring fans! In this installment I talk to the good and the great Dr. Dave Syer about the experimental! new Spring gRPC project!...

WordPress WP SuperBackup plugin <= 2.3.3 - Multiple Subscriber+ Broken Access Control vulnerabilities

Multiple Subscriber+ Broken Access Control vulnerabilities discovered by Dave Jong Patchstack in WordPress Plugin WP SuperBackup versions = 2.3.3...

WordPress WP SuperBackup plugin <= 2.3.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin WP SuperBackup versions = 2.3.3...

WordPress WP SuperBackup plugin <= 2.3.3 - Subscriber+ PHP Object Injection vulnerability

Subscriber+ PHP Object Injection vulnerability discovered by Dave Jong Patchstack in WordPress Plugin WP SuperBackup versions = 2.3.3...

WordPress WP SuperBackup plugin <= 2.3.3 - Unauthenticated Backup File Download Vulnerability

Unauthenticated Backup File Download Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin WP SuperBackup versions = 2.3.3...

This Week in Spring - December 3rd, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's the first week of December and I am in the amazing city of Perth, Australia. Perth, for those of you who don't know, is amazing. And well worth the journey. But it is quite the journey! 27 hours, door-to-door, from San...

WordPress FAT Services Booking plugin <= 5.6 - Subscriber+ Site-Wide Cross Site Scripting (XSS) vulnerability

Subscriber+ Site-Wide Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin FAT Services Booking versions = 5.6...

WordPress AIO Contact plugin <= 2.8.1 - Unauthenticated Plugin Settings Change vulnerability

Unauthenticated Plugin Settings Change vulnerability discovered by Dave Jong Patchstack in WordPress Plugin AIO Contact versions = 2.8.1...

WordPress ARForms plugin <= 6.4.1 - Subscriber+ Plugin Settings Change vulnerability

Subscriber+ Plugin Settings Change vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4.1...

WordPress ARForms plugin <= 6.4.1 - Subscriber+ Arbitrary File Read vulnerability

Subscriber+ Arbitrary File Read vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4.1...

WordPress Revy plugin <= 1.18 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Revy versions = 1.18...

WordPress Revy plugin <= 1.18 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Revy versions = 1.18...

A Bootiful Podcast: PostgreSQL contributor Dave Cramer

Hi, Spring fans! Happy Thanksgiving to my American listeners! and happy Thursday to the everyone! In today's episode I talk to PostgreSQL and PostgreSQL JDBC contributor Dave Cramer. postgresql jdbc sql java...

Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls

Popular social messaging platform Discord has announced that it's rolling out a new custom end-to-end encrypted E2EE protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord's audio and video end-to-end encryption "E2EE A/V". As part of the change introduced...

WordPress Droip plugin < 2.5.2 - Settings Change vulnerability

Settings Change vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Droip versions 2.5.2...

WordPress Brickscore plugin <= 1.4.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Brickscore versions = 1.4.2.5...