EUVD-2025-5635

Malicious code in bioql PyPI...

Malicious code in 9c-lord-backend (npm)

The package 9c-lord-backend was found to contain malicious code...

MAL-2025-7040 Malicious code in 9c-lord-backend (npm)

The package 9c-lord-backend was found to contain malicious code...

CVE-2025-1382

The Contact Us By Lord Linus WordPress plugin through 2.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

WordPress Contact Us By Lord Linus plugin <= 2.6 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Contact Us By Lord Linus versions = 2.6...

CVE-2025-1382 Contact Us By Lord Linus <= 2.6 - Admin+ Stored XSS via CSRF

The Contact Us By Lord Linus WordPress plugin through 2.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

PT-2025-10435

Name of the Vulnerable Software and Affected Versions Contact Us By Lord Linus WordPress plugin versions 2.6 and earlier Description The issue is related to the lack of CSRF check in some places and missing sanitisation as well as escaping in the Contact Us By Lord Linus WordPress plugin. This...

CVE-2025-25127

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rohitashv Singhal Contact Us By Lord Linus contact-us-by-lord-linus allows Reflected XSS.This issue affects Contact Us By Lord Linus: from n/a through = 2.6...

CVE-2025-25127

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rohitashv Singhal Contact Us By Lord Linus contact-us-by-lord-linus allows Reflected XSS.This issue affects Contact Us By Lord Linus: from n/a through = 2.6...

CVE-2025-25127

CVE-2025-25127 is a reflected cross-site scripting (XSS) vulnerability affecting WordPress plugin Contact Us By Lord Linus up to version 2.6. The issue arises from improper input neutralization during web page generation, enabling attackers to reflect script payloads via user-supplied input. The ...

CVE-2025-25127 WordPress Contact Us By Lord Linus Plugin <= 2.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rohitashv Singhal Contact Us By Lord Linus contact-us-by-lord-linus allows Reflected XSS.This issue affects Contact Us By Lord Linus: from n/a through = 2.6...

CVE-2025-25127 WordPress Contact Us By Lord Linus Plugin <= 2.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rohitashv Singhal Contact Us By Lord Linus contact-us-by-lord-linus allows Reflected XSS.This issue affects Contact Us By Lord Linus: from n/a through = 2.6...

WordPress plugin Contact Us By Lord Linus 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an applicatio...

WordPress Contact Us By Lord Linus Plugin <= 2.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Contact Us By Lord Linus versions = 2.6...

Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign

The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control C2 infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. "While occasionally switching to a new remote administration tool or...

Dark Web Drug Lord Pleads Guilty, Forfeits $150M Cryptocurrency

By Waqas Banmeet Singh, an Indian national, was arrested in London, England, on April 26, 2019, and extradited to the United States on March 19, 2023. This is a post from HackRead.com Read the original post: Dark Web Drug Lord Pleads Guilty, Forfeits $150M Cryptocurrency...

order.lordofthefries.com.au Cross Site Scripting vulnerability OBB-3771740

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

MP3 Convert Lord V1.0 Local Seh Exploit

Exploit Title: MP3 Convert Lord V1.0 Local Seh Exploit Date: 06.01.2023 Vendor Homepage: http://www.avlord.com/ Software Link: https://www.softpedia.com/dyn-postdownload.php/baa965c6b5d22d62987a4638f33d5ec1/63b86eb2/3ecb/4/2 Exploit Author: Achilles Tested Version: 1.0 Tested on: Windows 7 x64 1....

A Billion-Dollar Dark Web Crime Lord Calls It Quits

The “big hack” redux, riot planning on Facebook, and more of the week’s top security news...

coffeelord.com Cross Site Scripting vulnerability OBB-1363905

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...