4617 matches found
CVE-2025-11976
The FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.23.0. This is due to missing or incorrect nonce validation on the...
CVE-2025-11976 FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) <= 1.1.23.0 - Cross-Site Request Forgery to Sync Rule Creation
The FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.23.0. This is due to missing or incorrect nonce validation on the...
CVE-2025-11976
CVE-2025-11976 concerns FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) for WordPress. According to connected sources, the vulnerability is a Cross-Site Request Forgery (CSRF) due to missing or incorrect nonce validation in the save_cha...
PT-2025-43723
Name of the Vulnerable Software and Affected Versions: FuseWP – WordPress User Sync to Email List & Marketing Automation plugin versions prior to 1.1.23.0. Description: The FuseWP plugin for WordPress is susceptible to a Cross-Site Request Forgery (CSRF) issue. This is caused by inadequate nonce...
Update Rollup 3 for System Center 2022 Data Protection Manager
Update Rollup 3 for System Center 2022 Data Protection Manager Applies to: System Center 2022 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center Data Protection Manager 2022. It also contains the installation...
WordPress Captivate Sync plugin deserialization vulnerability
WordPress Captivate Sync plugin is a WordPress plugin developed by Captivate, which belongs to RebelBaseMedia's products and is mainly used to simplify the Podcast management process. WordPress Captivate Sync plugin suffers from a deserialization vulnerability that stems from unsafe deserializati...
CVE-2025-60221
Deserialization of Untrusted Data vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Object Injection. This issue affects Captivate Sync: from n/a through <= 3.0.3...
Kentico Xperience < 13.0.178 Multiple Vulnerabilities
According to its self-reported version number, the version of Kentico Xperience on the remote Windows host is prior to 13.0.178. It is, therefore, affected by multiple vulnerabilities: - An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync...
Kentico Xperience < 13.0.173 Auth Bypass
According to its self-reported version number, the version of Kentico Xperience on the remote Windows host is prior to 13.0.173. It is, therefore, affected by an authentication bypass vulnerability via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication...
EUVD-2022-55670
In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Use the new num_config_regs property in regmap_add_irq_chip_fwnode. Commit faa87ce9196d "regmap-irq: Introduce config registers for irq types" added the num_config_regs, then commit 9edd4f5aee84 "regmap-irq: Deprecate type...
EUVD-2025-35407
Deserialization of Untrusted Data vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Object Injection. This issue affects Captivate Sync: from n/a through <= 3.0.3...
CVE-2025-60221 WordPress Captivate Sync Plugin <= 3.0.3 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Object Injection. This issue affects Captivate Sync: from n/a through <= 3.0.3...
CVE-2025-60221
CVE-2025-60221 concerns the WordPress Captivate Sync Plugin (
WordPress plugin Captivate Sync security vulnerability
WordPress Captivate Sync plugin is a WordPress plugin developed by Captivate, which belongs to RebelBaseMedia's products and is mainly used to simplify the Podcast management process. WordPress Captivate Sync plugin suffers from a deserialization vulnerability that stems from unsafe deserializati...
Linux Distros Unpatched Vulnerability : CVE-2025-11458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
SUSE-SU-2025:3704-1 Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024136 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534). - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987665)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987665 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use del_timer_sync in fw reset flow of halting poll. Substitute del_timer with del_timer_sync...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987636 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: usb: host: Fix deadlock in oxu_bus_suspend(). There is a deadlock in oxu_bus_suspend(), which is...