Linux Distros Unpatched Vulnerability : CVE-2025-38039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Avoid WARNON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver...

WordPress AnWP Football Leagues plugin <= 0.16.17 - Authenticated (Administrator+) CSV Injection vulnerability

Authenticated Administrator+ CSV Injection vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin AnWP Football Leagues versions = 0.16.17...

WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin WordPress Event Manager, Event Calendar and Booking Plugin versions = 4.0.24...

WordPress Project Cost Calculator Plugin <= 1.0.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by theviper17 in WordPress Plugin Project Cost Calculator versions = 1.0.0...

Linux Distros Unpatched Vulnerability : CVE-2021-3347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execut...

WordPress GravityWP - Merge Tags <= 1.4.4 - Local File Inclusion Vulnerability

WordPress GravityWP - Merge Tags = 1.4.4 - Local File Inclusion Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin GravityWP - Merge Tags versions = 1.4.4...

WordPress FundEngine Plugin <= 1.7.4 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin FundEngine versions = 1.7.4...

WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin IDonatePro versions = 2.1.9...

WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Easy Form Builder versions = 3.8.15...

WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin CF7 WOW Styler versions = 1.7.2...

WordPress Code Engine Plugin <= 0.3.3 - Remote Code Execution (RCE) Vulnerability

Remote Code Execution RCE Vulnerability discovered by theviper17 in WordPress Plugin Code Engine versions = 0.3.3...

net_sched: prio: fix a race in prio_tune()

...

Linux Distros Unpatched Vulnerability : CVE-2021-47592

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue:- ...

net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled

...

WordPress Urna Theme <= 2.5.7 is vulnerable to Local File Inclusion

Software Urna Type Theme Vulnerable versions = 2.5.7 Fixed in 2.5.8 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-54689 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 1413940e912e Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

WordPress Woffice Core plugin <= 5.4.26 - Authenticated (Contributor+) Arbitrary File Deletion vulnerability

Authenticated Contributor+ Arbitrary File Deletion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Woffice Core versions = 5.4.26...

Why Cybersecurity Should Be a Board-Level Priority in Every Company – Perspective from Serhii Mikhalap

Cybersecurity is no longer a technical afterthought, thanks to today’s interconnected world. It’s a boardroom imperative. As online…...

WordPress Druco Theme <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Druco Type Theme Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-54055 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5fecdac8e286 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...

WordPress Brizy plugin <= 2.6.20 - Missing Authorization to Unauthenticated Limited File Upload vulnerability

Missing Authorization to Unauthenticated Limited File Upload vulnerability discovered by mikemyers in WordPress Plugin Brizy versions = 2.6.20...

WordPress MinimogWP Theme <= 3.9.0 is vulnerable to Content Injection

Software MinimogWP Type Theme Vulnerable versions = 3.9.0 Fixed in 3.9.1 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2025-8198 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d80fff95e821 Credits Valatty Required privilege Unauthenticated Published ...