Cobalt Strike Beacon Detected – 185[.]102[.]75[.]120:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: February 2025
CVE Alert: CVE-2024-13564
Vulnerability Summary: CVE-2024-13564 The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
CVE Alert: CVE-2025-1361
Vulnerability Summary: CVE-2025-1361 The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up...
CVE Alert: CVE-2024-13869
Vulnerability Summary: CVE-2024-13869 The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file...
CVE Alert: CVE-2025-1553
Vulnerability Summary: CVE-2025-1553 A vulnerability was found in pankajindevops scale up to 3633544a00245d3df88b6d13d9b3dd0f411be7f6. It has been classified as problematic. Affected...
CVE Alert: CVE-2025-0953
Vulnerability Summary: CVE-2025-0953 The SMTP for Sendinblue – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions...
CVE Alert: CVE-2025-1556
Vulnerability Summary: CVE-2025-1556 A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0. This issue affects...
CVE Alert: CVE-2025-26764
Vulnerability Summary: CVE-2025-26764 Missing Authorization vulnerability in enituretechnology Distance Based Shipping Calculator allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-0918
Vulnerability Summary: CVE-2025-0918 The SMTP for SendGrid – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions...
CVE Alert: CVE-2025-1557
Vulnerability Summary: CVE-2025-1557 A vulnerability, which was classified as problematic, was found in OFCMS 1.1.3. Affected is an unknown function....
CVE Alert: CVE-2025-0957
Vulnerability Summary: CVE-2025-0957 The SMTP for Amazon SES – YaySMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in...
CVE Alert: CVE-2025-26757
Vulnerability Summary: CVE-2025-26757 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL...
CVE Alert: CVE-2025-26760
Vulnerability Summary: CVE-2025-26760 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company...
CVE Alert: CVE-2025-26750
Vulnerability Summary: CVE-2025-26750 Missing Authorization vulnerability in appsbd Vitepos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-26756
Vulnerability Summary: CVE-2025-26756 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card...
CVE Alert: CVE-2025-26763
Vulnerability Summary: CVE-2025-26763 Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection. This issue affects...
CVE Alert: CVE-2025-27012
Vulnerability Summary: CVE-2025-27012 Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects...
CVE Alert: CVE-2025-26973
Vulnerability Summary: CVE-2025-26973 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WarfarePlugins Social Warfare allows DOM-Based...
CVE Alert: CVE-2022-28339
Vulnerability Summary: CVE-2022-28339 Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability...
CVE Alert: CVE-2025-26776
Vulnerability Summary: CVE-2025-26776 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell...
CVE Alert: CVE-2025-26774
Vulnerability Summary: CVE-2025-26774 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rock Solid Responsive Modal Builder...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 21, 2025. These...
