X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 10/12/2024 10:40

WordPress WPForms flaw CVE-2024-11205

A critical vulnerability has been discovered in WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions Thr vulnerability tracked as CVE-2024-11205 with a CVSS score of 7.5, stems in the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]

Articles similaires

Sorry! Image not available at this time

FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands

itsecuritynews.info - 14/Oct 19:32

Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October 14, 2025, that could enable local authenticated attackers...

Sorry! Image not available at this time

FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands

itsecuritynews.info - 14/Oct 19:32

Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October 14, 2025, that could enable local authenticated attackers...

Sorry! Image not available at this time

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

itsecuritynews.info - 12/Oct 18:03

Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized...

Sorry! Image not available at this time

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

itsecuritynews.info - 12/Oct 18:03

Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized...

Sorry! Image not available at this time

A critical WatchGuard Fireware flaw could allow unauthenticated code execution

itsecuritynews.info - 17/Oct 14:12

A critical WatchGuard Fireware vulnerability, tracked as CVE-2025-9242, could allow unauthenticated code execution. Researchers revealed details of a...

Sorry! Image not available at this time

FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process

itsecuritynews.info - 14/Oct 19:32

Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow attackers to...

Sorry! Image not available at this time

FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process

itsecuritynews.info - 14/Oct 19:32

Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow attackers to...

Sorry! Image not available at this time

Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code

itsecuritynews.info - 22/Oct 03:05

Google has swiftly addressed a high-severity flaw in its Chrome browser’s V8 JavaScript engine, releasing an emergency update to thwart potential...

Sorry! Image not available at this time

A critical WatchGuard Fireware flaw could allow unauthenticated code execution

securityaffairs.co - 17/Oct 14:09

A critical WatchGuard Fireware vulnerability, tracked as CVE-2025-9242, could allow unauthenticated code execution. Researchers revealed details of a...

Sorry! Image not available at this time

WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code

itsecuritynews.info - 19/Oct 12:32

WatchGuard has disclosed a critical out-of-bounds write vulnerability in its Fireware OS, enabling remote unauthenticated attackers to execute...

Les derniers communiqués