X

Vous n'êtes pas connecté

Rubriques :

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 10/12/2024 10:40

WordPress WPForms flaw CVE-2024-11205

A critical vulnerability has been discovered in WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions Thr vulnerability tracked as CVE-2024-11205 with a CVSS score of 7.5, stems in the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]

Articles similaires

Sorry! Image not available at this time

Critical Zyxel router flaw exposed devices to remote attacks

itsecuritynews.info - 25/Feb 21:34

Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a...

Sorry! Image not available at this time

Critical Zyxel router flaw exposed devices to remote attacks

itsecuritynews.info - 25/Feb 21:34

Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a...

Sorry! Image not available at this time

Critical Authentication Bypass in better-auth API Keys Plugin Allows Unauthenticated Account Takeover

itsecuritynews.info - 19/Feb 11:09

A critical authentication bypass vulnerability in the better-auth API keys plugin allows unauthenticated attackers to mint privileged API keys for...

Sorry! Image not available at this time

Critical Authentication Bypass in better-auth API Keys Plugin Allows Unauthenticated Account Takeover

itsecuritynews.info - 19/Feb 11:09

A critical authentication bypass vulnerability in the better-auth API keys plugin allows unauthenticated attackers to mint privileged API keys for...

Sorry! Image not available at this time

Grandstream VoIP Phones Vulnerability Grants Attackers Root Privileges

itsecuritynews.info - 20/Feb 13:18

A critical unauthenticated stack-based buffer overflow vulnerability, tracked as CVE-2026-2329, affecting Grandstream GXP1600 series VoIP phones....

Sorry! Image not available at this time

Grandstream VoIP Phones Vulnerability Grants Attackers Root Privileges

itsecuritynews.info - 20/Feb 13:18

A critical unauthenticated stack-based buffer overflow vulnerability, tracked as CVE-2026-2329, affecting Grandstream GXP1600 series VoIP phones....

Sorry! Image not available at this time

CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs

securityaffairs.co - 19/Feb 11:54

CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S....

Sorry! Image not available at this time

Critical Zyxel router flaw exposed devices to remote attacks

securityaffairs.co - 25/Feb 20:28

Zyxel fixed a critical flaw in multiple routers that lets unauthenticated attackers remotely execute commands on vulnerable devices. Zyxel addressed a...

Sorry! Image not available at this time

Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control

securityaffairs.co - 26/Feb 11:40

Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability,...

Sorry! Image not available at this time

Critical Windows Admin Center Vulnerability Allows Privilege Escalation

itsecuritynews.info - 18/Feb 07:36

A critical security update addressing a high‑severity elevation of privilege vulnerability in Windows Admin Center (WAC), identified...

Les derniers communiqués