62 matches found
CVE-2026-45207
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-20 22:00:00+00:00 | seen | https://jvn.jp/en/vu/JVNVU90583059 |
| 2026-05-21 15:58:38+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmery5elda2e |
| 2026-05-21 17:00:54+00:00 | seen | ... |

YAFNET Cross-Site Scripting Vulnerability
YAFNET is an ASP.NET open-source forum solution developed by YAFNET’s individual developers. Versions of YAFNET prior to 4.0.5 and 3.2.12 contained a cross-site scripting vulnerability. This vulnerability stemmed from insufficient HTML cleaning or output encoding during postings and replies, whic...
CVE-2026-41422
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-07 17:09:42+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mlbpgc6dvt2q |
| 2026-05-07 17:11:55+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mlbpidtvpoi2 |
| 2026-05-07... | | |
CVE-2026-7168
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-29 06:47:54+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3mkmix4cvwm2v |
| 2026-04-29 07:10:54+00:00 | seen | https://mastodon.social/users/bagder/statuses/116486743707813679 |
| 2026-04-29 07:11:04+00:00 | seen | ... |
CVE-2026-23806
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Jobs for WordPress: from n/a through <= 2.8...
CVE-2026-23806
CVE-2026-23806 corresponds to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin Jobs for WordPress, affecting versions through 2.8. The issue arises from incorrectly configured access control security levels, potentially enabling unauthorized access or actions ...
PT-2026-27841
Name of the Vulnerable Software and Affected Versions Jobs for WordPress versions through 2.8 Description An authorization issue exists in BlueGlass Interactive AG Jobs for WordPress job postings. This allows exploitation of incorrectly configured access control security levels. Recommendations...
Discourse Security Vulnerability
Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse before 2025.12.2, 2026.1.1, and 2026.2.0 contain security vulnerabilities. These vulnerabilities stem...
CVE-2026-24036
Horilla is a free and open source Human Resource Management System (HRMS). Versions 1.4.0 and above expose unpublished job postings through the /recruitment/recruitment-details// endpoint without authentication. The response includes draft job titles, descriptions and application link allowing...
CVE-2026-24036
Horilla HRMS (versions 1.4.0 and above) exposes unpublished job postings via the unauthenticated /recruitment/recruitment-details// endpoint. The underlying issue allows viewing draft job titles, descriptions, and application links, revealing internal hiring information and potentially causing ca...
EUVD-2025-205238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS. This issue affects Jobs for WordPress: from n/a through <= 2.7.17...
CVE-2025-68597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Stored XSS. This issue affects Jobs for WordPress: from n/a through <= 2.8.1...
CVE-2025-29228
| creationtimestamp | type | source |
|---|---|---|
| 2025-12-23 18:13:29+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115770235900335391 |
| 2025-12-23 18:14:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3maoe37jhtk2x |
| 2025-12-23 19:40:09+00:00 | seen | ... |
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Bad actors are increasingly training their sights on trucking and logistics companies, aiming to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according t...
CVE-2025-40653
| creationtimestamp | type | source |
|---|---|---|
| 2025-05-26 13:47:24+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17559 |
| 2025-05-26 13:54:22+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lq3d6j4pzo2e |
| 2025-05-26 15:24:26+00:00 | seen | ... |
CERTFR-2025-ACT-018
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-28 13:14:22+00:00 | seen | https://bsky.app/profile/cert-fr.bsky.social/post/3lnutv7hr4w2z |
| 2025-04-28 13:14:23+00:00 | seen | https://social.numerique.gouv.fr/users/certfr/statuses/114415767474159253 |
| 2025-04-28 15:15:24+00:00 | seen | ... |
CVE-2025-32438
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-15 22:48:40+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114344414786383468 |
| 2025-04-16 00:08:27+00:00 | seen | https://t.me/cvedetector/23010 |
| 2025-04-16 00:23:16+00:00 | seen | ... |
CVE-2025-31480
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-04 15:36:55+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10472 |
| 2025-04-04 15:40:21+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3llyqu4xlon2g |
| 2025-04-04 16:02:27+00:00 | seen | ... |
CVE-2024-10105
The Job Postings WordPress plugin before 2.7.11 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...