PT-2025-44719

Name of the Vulnerable Software and Affected Versions Service Finder Bookings plugin for WordPress versions prior to 6.1 Description The Service Finder Bookings plugin for WordPress is susceptible to privilege escalation, potentially leading to account takeover. This occurs because the plugin doe...

EUVD-2025-24006

Malicious code in bioql PyPI...

Update to How CISA Shares Cyber-Related Alerts and Notifications

Update May 13 : In an effort to enhance user experience and highlight the most timely and actionable information for cyber defenders, CISA announced a shift in how we share cybersecurity alerts and advisories. We recognize this has caused some confusion in the cyber community. As such, we have...

HackerOne: Banned researcher gets email updates on a private program.

Hi Team, I found out that after getting banned from the program, I still getting email updates about the private program, e.g. access of beta product, new scope changes etc. Those private messages can contain some important data that program doesn't want to share with the banned researcher for ex...

HackerOne: Researcher gets email updates on a private program after he/she quits that program.

Summary: I found out that after I quit private program, I still gets update about that program, e.g. new scope changes/amount of money and etc. Description Include Impact: I noticed that if I quit program I still gets email updates about the private program, private data can be leak on that email...