37 matches found
CVE-2026-12435
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.4.111. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
EUVD-2026-40935
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.4.111. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-12435 Motors <= 1.4.111 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification via 'stm_mark_as_sold_car' Parameter
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.4.111. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...
CVE-2026-12435
The Motors – Car Dealership & Classified Listings Plugin for WordPress is affected up to version 1.4.111 by an authorization bypass. An authenticated user with subscriber-level access can mark or unmark another user’s car listing as Sold by replaying a valid nonce from their own listing against a...
CVE-2025-14231
Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...
New HyperRat Android Malware Sold as Ready-Made Spy Tool
Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features...
EUVD-2020-14273
Malware in sbrugna...
Malicious code in future-sold-correctly (npm)
The package future-sold-correctly was found to contain malicious code...
Malicious code in season-sold-nice (npm)
The package season-sold-nice was found to contain malicious code...
MAL-2025-44343 Malicious code in future-sold-correctly (npm)
The package future-sold-correctly was found to contain malicious code...
MAL-2025-45981 Malicious code in season-sold-nice (npm)
The package season-sold-nice was found to contain malicious code...
CVE-2024-0821
The Cost of Goods Sold COGS: Cost & Profit Calculator for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'section' parameter in all versions up to, and including, 3.2.8 due to insufficient input sanitization and output escaping. This makes it possible for...
Malicious code in item-sold-count (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a46503c4e90014d05e169ab2eb5f007e146799827b815ffce79871612b624c9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11045 Malicious code in item-sold-count (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a46503c4e90014d05e169ab2eb5f007e146799827b815ffce79871612b624c9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Hacker Claims Breach of UK’s Experience Engine, Data Sold Online
A hacker known as IntelBroker claims to have breached the UK-based company Experience Engine, allegedly exposing sensitive data.…...
Dell Discloses Data Breach As Hacker Sells 49 Million Customer Data
By Waqas Dell has announced a data breach, while a hacker using the alias Menelik is selling 49 million Dell customer data on the notorious Breach Forums. This is a post from HackRead.com Read the original post: Dell Discloses Data Breach As Hacker Sells 49 Million Customer Data...
Buffer overflow
Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.:Satera MF740C Series/Satera MF640C...
WordPress Plugin Cost of Goods Sold Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2023-6232
Buffer overflow in the Address Book username process in authentication of Mobile Device Function of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C...
Russia’s 2nd-Largest Insurer Rosgosstrakh Hacked; 400GB of Data Sold Online
By Waqas The hackers are selling the trove of data for $50,000 in Bitcoin BTC or Monero XMR cryptocurrency. This is a post from HackRead.com Read the original post: Russias 2nd-Largest Insurer Rosgosstrakh Hacked; 400GB of Data Sold Online...