Month: May 2023

Novelist Plugin for WordPress cross-site scripting |

May 30, 2023

NAME__________Novelist Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Novelist Plugin for WordPress 1.2.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Novelist Plugin for WordPress is vulnerable...

Integration for Contact Form 7 and Zoho CRM, Bigin Plugin for WordPress cross-site request forgery | CVE-2023-25976

May 30, 2023

NAME__________Integration for Contact Form 7 and Zoho CRM, Bigin Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Integration for Contact Form...

All In One Schema Rich Snippets Plugin for WordPress cross-site request forgery | CVE-2023-25058

May 30, 2023

NAME__________All In One Schema Rich Snippets Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress All In One Schema Rich Snippets Plugin...

WP Clean Up Plugin for WordPress cross-site request forgery | CVE-2023-25034

May 30, 2023

NAME__________WP Clean Up Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WP Clean Up Plugin for WordPress 1.2.3Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________WP...

For the visually impaired Plugin for WordPress cross-site request forgery | CVE-2023-25038

May 30, 2023

NAME__________For the visually impaired Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress For the visually impaired Plugin for WordPress 0.58Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

Better Notifications for WP Plugin for WordPress cross-site request forgery | CVE-2023-32964

May 30, 2023

NAME__________Better Notifications for WP Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Better Notifications for WP Plugin for WordPress 1.9.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

One Rank Math SEO PRO Plugin for WordPress cross-site scripting | CVE-2023-32800

May 30, 2023

NAME__________One Rank Math SEO PRO Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress One Rank Math SEO PRO Plugin for WordPress 3.0.35Risk...

Spam blacklist Plugin for WordPress cross-site request forgery | CVE-2023-24008

May 30, 2023

NAME__________Spam blacklist Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Spam Blacklist Plugin for WordPress 0.7.8Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Spam blacklist Plugin...

WP Social Bookmarking Light Plugin for WordPress cross-site request forgery | CVE-2023-25029

May 30, 2023

NAME__________WP Social Bookmarking Light Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress WP Social Bookmarking Light Plugin for WordPress 2.0.7Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

Resize at Upload Plus Plugin for WordPress cross-site request forgery | CVE-2023-25467

May 30, 2023

NAME__________Resize at Upload Plus Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Resize at Upload Plus Plugin for WordPress 1.3Risk Level:5.4Exploitability:UnprovenConsequences:Gain...

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

May 30, 2023

A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of...

Vice Society Ransomware Victim: Adsboll

May 30, 2023

Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

BianLian Ransomware Victim: Neutronic Stamping

May 30, 2023

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

BianLian Ransomware Victim: Earlens Corporation

May 30, 2023

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Flash loan attack on Jimbos Protocol steals over $7.5 million

May 30, 2023

Jimbos Protocol, an Arbitrum-based DeFi project, has suffered a flash loan attack that resulted in the loss of more than...

Lazarus hackers target Windows IIS web servers for initial access

May 30, 2023

The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS)...

New hacking forum leaks data of 478,000 RaidForums members

May 30, 2023

A database for the notorious RaidForums hacking forums has been leaked online, allowing threat actors and security researchers insight into...

MCNA Dental data breach impacts 8.9 million people after ransomware attack

May 30, 2023

Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million...

CISA: Cisco Releases Security Advisory for Small Business Series Switches

May 30, 2023

Cisco Releases Security Advisory for Small Business Series Switches Cisco released a security advisory to address multiple vulnerabilities affecting the...

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

May 30, 2023

CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Releases Five Industrial Control Systems Advisories

May 30, 2023

CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on May 16, 2023. These...

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

May 30, 2023

CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA: CISA Releases Four Industrial Control Systems Advisories

May 30, 2023

CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on May 23, 2023. These...

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

May 30, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

Month: May 2023

Novelist Plugin for WordPress cross-site scripting |

Integration for Contact Form 7 and Zoho CRM, Bigin Plugin for WordPress cross-site request forgery | CVE-2023-25976

All In One Schema Rich Snippets Plugin for WordPress cross-site request forgery | CVE-2023-25058

WP Clean Up Plugin for WordPress cross-site request forgery | CVE-2023-25034

For the visually impaired Plugin for WordPress cross-site request forgery | CVE-2023-25038

Better Notifications for WP Plugin for WordPress cross-site request forgery | CVE-2023-32964

One Rank Math SEO PRO Plugin for WordPress cross-site scripting | CVE-2023-32800

Spam blacklist Plugin for WordPress cross-site request forgery | CVE-2023-24008

WP Social Bookmarking Light Plugin for WordPress cross-site request forgery | CVE-2023-25029

Resize at Upload Plus Plugin for WordPress cross-site request forgery | CVE-2023-25467

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

Vice Society Ransomware Victim: Adsboll

BianLian Ransomware Victim: Neutronic Stamping

BianLian Ransomware Victim: Earlens Corporation

Flash loan attack on Jimbos Protocol steals over $7.5 million

Lazarus hackers target Windows IIS web servers for initial access

New hacking forum leaks data of 478,000 RaidForums members

MCNA Dental data breach impacts 8.9 million people after ransomware attack

CISA: Cisco Releases Security Advisory for Small Business Series Switches

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Five Industrial Control Systems Advisories

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

[FUNKSEC] – Ransomware Victim: gsw[.]co[.]in

CVE Alert: CVE-2025-0174

CVE Alert: CVE-2025-0176

CVE Alert: CVE-2025-0175

CVE Alert: CVE-2024-53842

You may have missed