WordPress plugin SMTP2GO for WordPress – Email Made Easy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

CVE-2026-3524

Mattermost Plugin Legal Hold versions =1.1.4 fail to halt request processing after a failed authorization check in ServeHTTP which allows an authenticated attacker to access, create, download, and delete legal hold data via crafted API requests to the plugin's endpoints. Mattermost Advisory ID:...

CVE-2025-1508

The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the downloaddata action in all versions up to, and including, 2.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to download...

WordPress plugin WP Crowdfunding 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

The vulnerability of the DownloadDataFromOfficeMarketPlace method in the Microsoft Exchange Server mail server allows a hacker to disclose protected information.

The vulnerability of the DownloadDataFromOfficeMarketPlace method in the Microsoft Exchange Server mail server is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

CVE-2023-3271

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints...

CVE-2023-3271

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints...

Siemens SIMATIC Cloud Connect 路径遍历漏洞

SIMATIC Cloud Connect 7 is an IoT gateway for connecting programmable logic controllers to cloud services and allows field devices with OPC UA server interfaces to be connected as OPC UA clients. A path traversal vulnerability exists in Siemens SIMATIC Cloud Connect 7, which can be exploited by a...

SUSE CVE-2015-7186

Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger 1 a download or 2 cached profile-data reading via a file: URL in a saved HTML document...

CVE-2022-48165

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

Download: The 2020 Cybersecurity Salary Survey Results

The 2020 Cybersecurity Salary Survey was an online survey published in The Hacker News and created to provide insight into the details related to cybersecurity compensation. There were over 1,500 security professionals who completed the survey. Today you can access the aggregated and analyzed 202...