CVE-2025-1740

creationtimestamp| type| source ---|---|--- 2025-09-03 10:32:23+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lxwgjev75c2u 2025-09-03 10:50:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxwhkd65th2p...

PT-2025-35747

Name of the Vulnerable Software and Affected Versions: Barn2 Plugins Posts Table with Search & Sort versions through 1.4.10 Description: The Posts Table with Search & Sort plugin contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations:...

WordPress plugin Posts Table with Search & Sort security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2025-20295

creationtimestamp| type| source ---|---|--- 2025-09-02 10:39:43+00:00| seen| https://bsky.app/profile/fraustief.bsky.social/post/3lxtwhkrlld2u 2025-09-02 10:39:44+00:00| seen| https://bsky.app/profile/fraustief.bsky.social/post/3lxtwhkroj32u 2025-09-02 10:39:46+00:00| seen|...

CVE-2025-20294

creationtimestamp| type| source ---|---|--- 2025-09-02 10:39:43+00:00| seen| https://bsky.app/profile/fraustief.bsky.social/post/3lxtwhkrlld2u 2025-09-02 10:39:44+00:00| seen| https://bsky.app/profile/fraustief.bsky.social/post/3lxtwhkroj32u 2025-09-02 10:39:46+00:00| seen|...

CVE-2025-27034

creationtimestamp| type| source ---|---|--- 2025-09-02 06:45:24+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lxtjeltk4r2q 2025-09-02 16:15:52+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3lxuja4d45225 2025-09-17 22:51:01+00:00| seen|...

CVE-2025-6507

creationtimestamp| type| source ---|---|--- 2025-09-01 09:01:55+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lxrajqyulz2q 2025-09-01 09:25:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxrbtu4nl72m 2025-09-01 09:40:51+00:00| seen|...

CVE-2025-9618

The Related Posts Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify plugin...

CVE-2025-9748

creationtimestamp| type| source ---|---|--- 2025-09-01 00:02:00+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lxqcecpgof2o 2025-09-01 00:39:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxqei6hncw2p...

CVE-2025-7956

The Ajax Search Lite plugin for WordPress is vulnerable to Basic Information Exposure due to missing authorization in its AJAX search handler in all versions up to, and including, 4.13.1. This makes it possible for unauthenticated attackers to issue repeated AJAX requests to leak the content of a...

WordPress ACF Recent Posts Widget plugin <= 5.9.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin ACF Recent Posts Widget versions = 5.9.3...

CVE-2025-54942

creationtimestamp| type| source ---|---|--- 2025-08-30 08:54:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxm77igvbd2r 2025-08-30 09:01:49+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lxm7lqmmfm2q...

WordPress plugin Related Posts Lite 跨站请求伪造漏洞

WordPress Related Posts Lite plugin is a tag-based relevance of the article recommendation plugin, mainly used to improve the site content relevance and user browsing experience. A cross-site request forgery vulnerability exists in the WordPress Related Posts Lite plugin, which stems from missing...

WordPress Related Posts Lite plugin <= 1.12 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Claw.k in WordPress Plugin Related Posts Lite versions = 1.12...

Security Bulletin: Vulnerability in Netty's HttpPostRequestDecoder Allows Unbounded Memory Accumulation, which affects IBM watsonx.data

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The HttpPostRequestDecoder can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no...

CVE-2025-53508

creationtimestamp| type| source ---|---|--- 2025-08-29 06:53:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxjhy4zsvb2j 2025-08-29 07:32:04+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lxjk4du74a2p...

CVE-2025-7956

The Ajax Search Lite plugin for WordPress is vulnerable to Basic Information Exposure due to missing authorization in its AJAX search handler in all versions up to, and including, 4.13.1. This makes it possible for unauthenticated attackers to issue repeated AJAX requests to leak the content of a...

CVE-2025-7956

The CVE-2025-7956 entry concerns Ajax Search Lite for WordPress. It exposes Basic Information through a missing authorization check in ASL_Query within the AJAX search handler, affecting versions up to 4.13.1 (some sources reference 4.13.2 as the fix). The vulnerability allows unauthenticated att...

PT-2025-34968

Name of the Vulnerable Software and Affected Versions: Ajax Search Lite versions prior to 4.13.2 Description: The Ajax Search Lite plugin for WordPress is susceptible to Basic Information Exposure. A missing authorization check in the AJAX search handler allows unauthenticated attackers to...

Linux Distros Unpatched Vulnerability : CVE-2019-20043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in WordPress 3.7 to 5.3.0, authenticated users who do not have the rights to publish a...