A vulnerability was found in buddydev Activity Plus Reloaded for BuddyPress Plugin up to 1.1.1 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to server-side request for…
A vulnerability was found in IBM Cognos Dashboards on Cloud Pak for Data 4.0.7/5.0.0. It has been classified as very critical. Affected is an unknown function. The manipulation leads to uncontrolled search path.
This vulnerability is traded as CVE-202…
A vulnerability was found in rometheme RomethemeKit for Elementor Plugin up to 1.5.2 on WordPress and classified as problematic. This issue affects the function register_controls of the file widgets/offcanvas-rometheme.php of the component Template Dat…
I would like to ask if the following solution is correct. I don’t think so, but I would like to hear someone else’s opinion.
In the admin control of our system, there is a function where I can open a web application as any registered user….
A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network.
The 119 vu…
A vulnerability has been found in Custom Page Extensions Plugin up to 0.6 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2025-23888….
I’ve read through similar questions, and I don’t think this one is a duplicate, but I’m not too sure.
My Google Takeout shows activity from a Linux OS on a specific date and the IP address is my home’s IP address. I do not have a Linux OS…
A vulnerability, which was classified as problematic, was found in FooGallery Captions Plugin up to 1.0.2 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025…
A vulnerability, which was classified as problematic, has been found in wpwax Post Grid, Slider & Carousel Ultimate Plugin up to 1.6.10 on WordPress. Affected by this issue is the function pgcu of the component Shortcode Handler. The manipulation leads to improper control of filename for include/require statement in php program (‘php remote file inclusion’).
This vulnerability is handled as CVE-2024-13408. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability classified as critical was found in wpwax Post Grid Slider & Carousel Ultimate Plugin up to 1.6.10 on WordPress. Affected by this vulnerability is the function post_type_ajax_handler of the component Shortcode Handler. The manipulation …
