CVE Alert: CVE-2024-7894
Vulnerability Summary: CVE-2024-7894 The If Menu plugin for WordPress is vulnerable to unauthorized modification of the plugin's license key due...
Month: December 2024
CVE Alert: CVE-2024-11451
Vulnerability Summary: CVE-2024-11451 The Zooom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'zooom' shortcode in...
CVE Alert: CVE-2024-12257
Vulnerability Summary: CVE-2024-12257 The CardGate Payments for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page'...
CVE Alert: CVE-2024-11010
Vulnerability Summary: CVE-2024-11010 The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local File Inclusion...
CVE Alert: CVE-2024-12128
Vulnerability Summary: CVE-2024-12128 The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to Reflected...
CVE Alert: CVE-2024-12167
Vulnerability Summary: CVE-2024-12167 The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the '_wpnonce'...
CVE Alert: CVE-2024-11374
Vulnerability Summary: CVE-2024-11374 The TWChat – Send or receive messages from users plugin for WordPress is vulnerable to Reflected Cross-Site...
CVE Alert: CVE-2024-11367
Vulnerability Summary: CVE-2024-11367 The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
[FUNKSEC] – Ransomware Victim: ncfe[.]org[.]in
Ransomware Group: FUNKSEC VICTIM NAME: ncfeorgin NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[SARCOMA] – Ransomware Victim: Gulf Petrochemical Services & Trading
Ransomware Group: SARCOMA VICTIM NAME: Gulf Petrochemical Services & Trading NOTE: No files or stolen information are by RedPacket Security....
CVE Alert: CVE-2024-12270
Vulnerability Summary: CVE-2024-12270 The Beautiful taxonomy filters plugin for WordPress is vulnerable to SQL Injection via the 'selects' parameter in...
CVE Alert: CVE-2024-12253
Vulnerability Summary: CVE-2024-12253 The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized...
CVE Alert: CVE-2024-11501
Vulnerability Summary: CVE-2024-11501 The Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
CVE Alert: CVE-2024-11464
Vulnerability Summary: CVE-2024-11464 The Easy Code Snippets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter...
CVE Alert: CVE-2024-11380
Vulnerability Summary: CVE-2024-11380 The Mini Program API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'qvideo'...
CVE Alert: CVE-2024-11457
Vulnerability Summary: CVE-2024-11457 The Feedpress Generator – External RSS Frontend Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
CVE Alert: CVE-2024-47115
Vulnerability Summary: CVE-2024-47115 IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary...
CVE Alert: CVE-2024-37071
Vulnerability Summary: CVE-2024-37071 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow...
CVE Alert: CVE-2024-47107
Vulnerability Summary: CVE-2024-47107 IBM QRadar SIEM 7.5 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed...
CVE Alert: CVE-2024-41762
Vulnerability Summary: CVE-2024-41762 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable...
CISA: Fortinet Releases Security Updates for Multiple Products
Fortinet Releases Security Updates for Multiple Products Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS....
CISA: Ivanti Releases Security Updates for Multiple Products
Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on November 12, 2024. These...
CISA: CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities
CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities Today, the Cybersecurity and Infrastructure...
