WordPress Project Cost Calculator Plugin <= 1.0.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by theviper17 in WordPress Plugin Project Cost Calculator versions = 1.0.0...

Linux Distros Unpatched Vulnerability : CVE-2021-3347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execut...

WordPress GravityWP - Merge Tags <= 1.4.4 - Local File Inclusion Vulnerability

WordPress GravityWP - Merge Tags = 1.4.4 - Local File Inclusion Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin GravityWP - Merge Tags versions = 1.4.4...

WordPress FundEngine Plugin <= 1.7.4 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin FundEngine versions = 1.7.4...

WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin IDonatePro versions = 2.1.9...

WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Easy Form Builder versions = 3.8.15...

WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin CF7 WOW Styler versions = 1.7.2...

WordPress Code Engine Plugin <= 0.3.3 - Remote Code Execution (RCE) Vulnerability

Remote Code Execution RCE Vulnerability discovered by theviper17 in WordPress Plugin Code Engine versions = 0.3.3...

net_sched: prio: fix a race in prio_tune()

...

Linux Distros Unpatched Vulnerability : CVE-2021-47592

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- ...

WordPress Urna Theme <= 2.5.7 is vulnerable to Local File Inclusion

Software Urna Type Theme Vulnerable versions = 2.5.7 Fixed in 2.5.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-54689 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1413940e912e Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled

...

WordPress Woffice Core plugin <= 5.4.26 - Authenticated (Contributor+) Arbitrary File Deletion vulnerability

Authenticated Contributor+ Arbitrary File Deletion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Woffice Core versions = 5.4.26...

Why Cybersecurity Should Be a Board-Level Priority in Every Company – Perspective from Serhii Mikhalap

Cybersecurity is no longer a technical afterthought, thanks to today’s interconnected world. It’s a boardroom imperative. As online…...

WordPress Druco Theme <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Druco Type Theme Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-54055 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5fecdac8e286 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...

WordPress Brizy plugin <= 2.6.20 - Missing Authorization to Unauthenticated Limited File Upload vulnerability

Missing Authorization to Unauthenticated Limited File Upload vulnerability discovered by mikemyers in WordPress Plugin Brizy versions = 2.6.20...

WordPress Platform Theme < 1.4.4 is vulnerable to Broken Access Control

Software Platform Type Theme Vulnerable versions 1.4.4 Fixed in 1.4.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2015-10143 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 04b827207d59 Credits Marc-Alexandre Montpas Required...

WordPress MinimogWP Theme <= 3.9.0 is vulnerable to Content Injection

Software MinimogWP Type Theme Vulnerable versions = 3.9.0 Fixed in 3.9.1 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2025-8198 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d80fff95e821 Credits Valatty Required privilege Unauthenticated Published ...

Priv2Admin

This repository, Priv2Admin, is an exploitation path that allows users to misuse Windows privileges to elevate their rights within the OS. The repository lists various Windows privileges and their corresponding impact, tools, execution paths, and remarks. The privileges include...

WordPress ReachShip WooCommerce Multi-Carrier & Conditional Shipping <= 4.3.1 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ReachShip WooCommerce Multi-Carrier & Conditional Shipping versions = 4.3.1...