Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.7 views

CVE-2026-22203

wpDiscuz before 7.6.47 contains an information disclosure vulnerability that allows administrators to inadvertently expose OAuth secrets by exporting plugin options as JSON. Attackers can obtain exported files containing plaintext API secrets like fbAppSecret, googleClientSecret, twitterAppSecret...

6.9CVSS5.8AI score0.00274EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 1:18 a.m.15 views

CVE-2026-22203

wpDiscuz before 7.6.47 has an information disclosure vulnerability: exporting plugin options as JSON can leak plaintext OAuth secrets (e.g., fbAppSecret, googleClientSecret, twitterAppSecret, and other social-login credentials) via support tickets, backups, or version control repositories. The CV...

6.9CVSS5.8AI score0.00274EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/11/08 9:15 a.m.4 views

CVE-2025-12098

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.8 via the 'enqueuesocialloginscript' function. This makes it possible for unauthenticated attackers to extract...

5.3CVSS0.00249EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2018/11/13 6:55 p.m.60 views

Secret Sister scam returns in time for Christmas

The festive season may be imminent, but it’s a Facebook Secret Sister not Santa you have to steer clear of. Secret Sister has been a mainstay of Yuletide scams since at least 2015, and has come back around once more. But what is it? Your office probably has a Secret Santa scheme in place. You dra...

7AI score
Exploits0
Rows per page
Query Builder