CVE-2024-10957: UpdraftPlus WordPress Plugin Vulnerability

CVE-2024-10957 is a high-severity vulnerability affecting the UpdraftPlus: WP Backup & Migration Plugin for WordPress. This vulnerability, present in versions up to and including 1.24.11, enables attackers to perform PHP Object Injection through the deserialization of untrusted input in the recursive_unserialized_replace function. Here’s a comprehensive analysis of this vulnerability, its potential impact, and mitigation strategies. […]

Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely

itsecuritynews.info - 05/Dec 08:32

A critical command injection vulnerability in the open-source network monitoring tool Cacti allows authenticated attackers to execute arbitrary code...

Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely

itsecuritynews.info - 05/Dec 08:32

A critical command injection vulnerability in the open-source network monitoring tool Cacti allows authenticated attackers to execute arbitrary code...

Maximum-severity XXE vulnerability discovered in Apache Tika

itsecuritynews.info - 06/Dec 01:02

A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516...

Maximum-severity XXE vulnerability discovered in Apache Tika

itsecuritynews.info - 06/Dec 01:02

A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516...

Critical ScreenConnect Vulnerability Let Attackers Expose Sensitive Configuration Data

itsecuritynews.info - 16/Dec 12:32

ConnectWise has issued a security update for ScreenConnect™ to address a critical vulnerability that could enable attackers to expose sensitive...

Critical ScreenConnect Vulnerability Let Attackers Expose Sensitive Configuration Data

itsecuritynews.info - 16/Dec 12:32

ConnectWise has issued a security update for ScreenConnect™ to address a critical vulnerability that could enable attackers to expose sensitive...

Maximum-severity XXE vulnerability discovered in Apache Tika

securityaffairs.co - 06/Dec 00:03

A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516...

HPE OneView Software Vulnerability Let Attackers Execute Remote Code

itsecuritynews.info - 15:32

A critical security alert warns customers about a severe vulnerability in HPE OneView Software that could allow remote attackers to execute arbitrary...

HPE OneView Software Vulnerability Let Attackers Execute Remote Code

itsecuritynews.info - 15:32

A critical security alert warns customers about a severe vulnerability in HPE OneView Software that could allow remote attackers to execute arbitrary...

CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability

itsecuritynews.info - 09/Dec 23:02

Get technical details about a security vulnerability (CVE-2025-53841) in Akamai’s Guardicore Platform Agent for Windows and clear guidance on...

العناوين :

CVE-2024-10957: UpdraftPlus WordPress Plugin Vulnerability

Articles similaires

Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely

Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely

Maximum-severity XXE vulnerability discovered in Apache Tika

Maximum-severity XXE vulnerability discovered in Apache Tika

Critical ScreenConnect Vulnerability Let Attackers Expose Sensitive Configuration Data

Critical ScreenConnect Vulnerability Let Attackers Expose Sensitive Configuration Data

Maximum-severity XXE vulnerability discovered in Apache Tika

HPE OneView Software Vulnerability Let Attackers Execute Remote Code

HPE OneView Software Vulnerability Let Attackers Execute Remote Code

CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability

أحدث الإصدارات