X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 10/12/2024 10:40

WordPress WPForms flaw CVE-2024-11205

A critical vulnerability has been discovered in WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions Thr vulnerability tracked as CVE-2024-11205 with a CVSS score of 7.5, stems in the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]

Articles similaires

Sorry! Image not available at this time

Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover

securityaffairs.co - 16/Jan 08:26

A critical Modular DS WordPress flaw (CVE-2026-23550) is actively exploited, enabling unauthenticated privilege escalation. Threat actors are actively...

Sorry! Image not available at this time

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

itsecuritynews.info - 14/Jan 13:02

Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets...

Sorry! Image not available at this time

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

itsecuritynews.info - 14/Jan 13:02

Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets...

Sorry! Image not available at this time

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

securityaffairs.co - 20/Jan 15:20

TP-Link fixed a critical flaw that exposed over 32 VIGI C and VIGI InSight camera models to remote hacking, with over 2,500 internet-exposed devices...

Sorry! Image not available at this time

Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire

itsecuritynews.info - 14/Jan 13:32

Microsoft has addressed a critical security feature bypass vulnerability in Windows Secure Boot certificates, tracked as CVE-2026-21265, through its...

Sorry! Image not available at this time

Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire

itsecuritynews.info - 14/Jan 13:32

Microsoft has addressed a critical security feature bypass vulnerability in Windows Secure Boot certificates, tracked as CVE-2026-21265, through its...

Sorry! Image not available at this time

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

itsecuritynews.info - 13/Jan 12:02

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated...

Sorry! Image not available at this time

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

itsecuritynews.info - 13/Jan 12:02

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated...

Sorry! Image not available at this time

Critical MongoDB Flaw Allows Unauthenticated Memory Data Leaks

itsecuritynews.info - 11/Jan 13:04

  A critical security flaw in MongoDB could allow unauthenticated attackers to extract sensitive data directly from server memory, prompting urgent...

Sorry! Image not available at this time

Critical MongoDB Flaw Allows Unauthenticated Memory Data Leaks

itsecuritynews.info - 11/Jan 13:04

  A critical security flaw in MongoDB could allow unauthenticated attackers to extract sensitive data directly from server memory, prompting urgent...

Les derniers communiqués