📄 WordPress SureTriggers 1.0.78 Authentication Bypass

WordPress SureTriggers plugin versions 1.0.78 and below expose an unauthenticated REST endpoint that allows construction of a user creation payload. This proof of concept demonstrates structure and logic only. No admin account is created, no plugin uploaded...

CVE-2025-27213

An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier UniFi Connect Display Versio...

WordPress plugin SureTriggers 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress SureTriggers plugin <= 1.0.78 - Authorization Bypass vulnerability

Authorization Bypass vulnerability discovered by mikemyers in WordPress Plugin OttoKit versions = 1.0.78...

Ultimate Member <= 1.0.78 - Multiple Vulnerabilities

Ultimate Member Plugin version 1.0.78 has several security vulnerabilities that allow unauthenticated users to delete and upload files, which can ultimately lead to remote code execution...