52 matches found
Human Presence Detection Via Wi-Fi Range-Filtered Doppler Spectrum on Commodity Laptops
Human Presence Detection HPD is key to enable intelligent power management and security features in everyday devices. In this paper we propose the first HPD solution that leverages monostatic Wi-Fi sensing and detects user position using only the built-in Wi-Fi hardware of a device, with no need...
GNSS SpAmming: A Spoofing-Based GNSS Denial-Of-Service Attack
GNSSs are vulnerable to attacks of two kinds: jamming i.e. denying access to the signal and spoofing i.e. impersonating a legitimate satellite. These attacks have been extensively studied, and we have a myriad of countermeasures to mitigate them. In this paper we expose a new type of attack:...
CVE-2025-9544
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
WordPress Doppler Forms plugin < 2.6.0 - Subscriber+ Limited Plugin Installation vulnerability
Subscriber+ Limited Plugin Installation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Doppler Forms versions 2.6.0...
EUVD-2025-36602
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
CVE-2025-9544
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
CVE-2025-9544 Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin Installation
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
CVE-2025-9544
CVE-2025-9544 affects the Doppler Forms WordPress plugin (versions up to 2.5.1). The issue is an AJAX action install_extension that does not verify user capabilities or use a nonce, enabling any authenticated user (including Subscriber) to install/activate additional Doppler Forms plugins whiteli...
CVE-2025-9544 Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin Installation
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
PT-2025-44236
Name of the Vulnerable Software and Affected Versions Doppler Forms WordPress plugin versions through 2.5.1 Description The Doppler Forms WordPress plugin registers an AJAX action, install extension, without proper verification of user capabilities or the use of a nonce. This allows any...
WordPress plugin Doppler Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Malicious Package
Overview doppler-secrets-fetch-github-action is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...
MAL-2025-48550 Malicious code in doppler-secrets-fetch-github-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15ae1d785262a986eb630a24e7abcd16bd4c799262e11059e5911a40f184ee5c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-35311
Malicious code in doppler-secrets-fetch-github-action npm...
Malicious code in doppler-secrets-fetch-github-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15ae1d785262a986eb630a24e7abcd16bd4c799262e11059e5911a40f184ee5c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in doppler-sdk (npm)
The package doppler-sdk was found to contain malicious code...
MAL-2025-48491 Malicious code in doppler-sdk (npm)
The package doppler-sdk was found to contain malicious code...
EUVD-2025-11707
Malicious code in bioql PyPI...
EUVD-2025-10570
Malicious code in bioql PyPI...
EUVD-2025-9856
Malicious code in bioql PyPI...