Maroc Maroc - THECYBERTHRONE.IN - A La Une - 10/12/2024 10:40

WordPress WPForms flaw CVE-2024-11205

A critical vulnerability has been discovered in the WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions. The vulnerability, tracked as CVE-2024-11205 with a CVSS score of 7.5, stems from the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]

Related articles

F5 NGINX Plus and Open Source Vulnerability Allow Attackers to Execute Code Using MP4 file

itsecuritynews.info - 25/Mar 14:09

A high-severity vulnerability has been disclosed affecting both NGINX Open Source and NGINX Plus. Tracked formally as CVE-2026-32647, this security...

Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

itsecuritynews.info - 22/Mar 16:07

Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released...

File read flaw in Smart Slider plugin impacts 500K WordPress sites

bleepingcomputer.com - 29/Mar 14:38

A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access...

Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager

securityaffairs.co - 22/Mar 15:37

Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released...

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

securityaffairs.co - 30/Mar 10:43

Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical...

Cisco Secure Firewall Vulnerability Exposes Systems to Remote Code Execution by Attackers

itsecuritynews.info - 26/Mar 05:11

Cisco has released critical security updates to address a maximum-severity vulnerability affecting its Secure Firewall Management Center (FMC)...

CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw

securityaffairs.co - 27/Mar 14:58

CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an...

U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog

securityaffairs.co - 28/Mar 07:33

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog. The U.S....