CVE Alert: CVE-2024-13557
Vulnerability Summary: CVE-2024-13557 The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions...
Month: March 2025
CVE Alert: CVE-2025-2266
Vulnerability Summary: CVE-2025-2266 The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data...
CVE Alert: CVE-2025-2840
Vulnerability Summary: CVE-2025-2840 The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
CVE Alert: CVE-2024-11180
Vulnerability Summary: CVE-2024-11180 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer...
CVE Alert: CVE-2025-2803
Vulnerability Summary: CVE-2025-2803 The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up...
CVE Alert: CVE-2024-55895
Vulnerability Summary: CVE-2024-55895 IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed...
Cobalt Strike Beacon Detected – 150[.]158[.]77[.]31:8899
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]200[.]220[.]44:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 115[.]175[.]2[.]248:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE Alert: CVE-2025-2877
Vulnerability Summary: CVE-2025-2877 A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set...
CVE Alert: CVE-2025-31473
Vulnerability Summary: CVE-2025-31473 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewprice1178 WP Database Optimizer allows...
CVE Alert: CVE-2025-0986
Vulnerability Summary: CVE-2025-0986 IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain...
CVE Alert: CVE-2025-2901
Vulnerability Summary: CVE-2025-2901 A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs...
CVE Alert: CVE-2024-54362
Vulnerability Summary: CVE-2024-54362 Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue affects GetShop ecommerce: from n/a...
CVE Alert: CVE-2025-22523
Vulnerability Summary: CVE-2025-22523 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Schedule allows...
CVE Alert: CVE-2025-22501
Vulnerability Summary: CVE-2025-22501 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Improve My City...
CVE Alert: CVE-2024-51624
Vulnerability Summary: CVE-2024-51624 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jajapagamentos Já-Já Pagamentos for WooCommerce...
CVE Alert: CVE-2025-22360
Vulnerability Summary: CVE-2025-22360 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Azure offload allows...
CVE Alert: CVE-2024-54291
Vulnerability Summary: CVE-2024-54291 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound PluginPass allows Manipulating...
CVE Alert: CVE-2025-22566
Vulnerability Summary: CVE-2025-22566 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ULTIMATE VIDEO GALLERY allows...
CVE Alert: CVE-2025-22356
Vulnerability Summary: CVE-2025-22356 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stencies Stencies allows Reflected XSS....
CVE Alert: CVE-2025-22526
Vulnerability Summary: CVE-2025-22526 Deserialization of Untrusted Data vulnerability in NotFound PHP/MySQL CPU performance statistics allows Object Injection. This issue affects...
CVE Alert: CVE-2025-22575
Vulnerability Summary: CVE-2025-22575 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendyourweb SUPER RESPONSIVE SLIDER allows...
CVE Alert: CVE-2025-22767
Vulnerability Summary: CVE-2025-22767 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in globalpayments GlobalPayments WooCommerce allows Reflected...
