12Şub
Fake Etsy invoice scam tricks sellers into sharing credit card information
Etsy sellers are being targeted by scammers that use a legitimate Etsy domain to host their dodgy PDFs.
12Şub
Running zap scan on a web application is not detecting all endpoints
I want to run ZAP automated scan to a web application. I have the url which is example.com/myapp. When I browse the application in burpsuite, I can see some rest endpoints being called like example.com/authz/rights-administration/.
When ru…
12Şub
CVE-2024-10322 | themefusecom Brizy Plugin up to 2.6.8 on WordPress REST API SVG File Upload cross site scripting
A vulnerability has been found in themefusecom Brizy Plugin up to 2.6.8 on WordPress and classified as problematic. This vulnerability affects unknown code of the component REST API SVG File Upload Handler. The manipulation leads to cross site scriptin…
12Şub
CVE-2024-12386 | kevonadonis WP Abstracts Plugin up to 2.7.3 on WordPress cross-site request forgery
A vulnerability, which was classified as problematic, was found in kevonadonis WP Abstracts Plugin up to 2.7.3 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified …
12Şub
CVE-2025-0511 | uscnanbu Welcart e-Commerce Plugin up to 2.11.9 on WordPress name cross site scripting
A vulnerability, which was classified as problematic, has been found in uscnanbu Welcart e-Commerce Plugin up to 2.11.9 on WordPress. Affected by this issue is some unknown functionality. The manipulation of the argument name leads to cross site script…
12Şub
CVE-2024-13532 | enituretechnology Small Package Quotes Plugin up to 3.6.4 on WordPress edit_id/dropship_edit_id sql injection
A vulnerability classified as critical was found in enituretechnology Small Package Quotes Plugin up to 3.6.4 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation of the argument edit_id/dropship_edit_id leads to s…
12Şub
CVE-2024-13480 | enituretechnology LTL Freight Quotes Plugin up to 3.4.1 on WordPress edit_id/dropship_edit_id sql injection
A vulnerability classified as critical has been found in enituretechnology LTL Freight Quotes Plugin up to 3.4.1 on WordPress. Affected is an unknown function. The manipulation of the argument edit_id/dropship_edit_id leads to sql injection.
This vuln…
12Şub
CVE-2024-13477 | enituretechnology LTL Freight Quotes Plugin up to 2.5.8 on WordPress edit_id sql injection
A vulnerability was found in enituretechnology LTL Freight Quotes Plugin up to 2.5.8 on WordPress. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument edit_id leads to sql injection.
The identifi…
12Şub
CVE-2024-10960 | themefusecom Brizy Plugin up to 2.6.4 on WordPress unrestricted upload
A vulnerability was found in themefusecom Brizy Plugin up to 2.6.4 on WordPress. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload.
This vulnerability was named CVE-2024-10960. The…
12Şub
Gambling firms are secretly sharing your data with Facebook
Gambling companies are sharing their users’ data with Meta for marketing and tracking purposes.
