X

Vous n'êtes pas connecté

Maroc Maroc - THECYBERTHRONE.IN - A La Une - 10/12/2024 10:40

WordPress WPForms flaw CVE-2024-11205

A critical vulnerability has been discovered in WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions Thr vulnerability tracked as CVE-2024-11205 with a CVSS score of 7.5, stems in the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]

Articles similaires

Sorry! Image not available at this time

Nuclei flaw allows signature bypass and code execution

securityaffairs.co - 05/Jan 19:06

A vulnerability in Nuclei, an open-source vulnerability scanner, could allow attackers to bypass signature checks and execute malicious code. A...

Sorry! Image not available at this time

CVE-2024-53704 impacts SonicWall

thecyberthrone.in - 11/Jan 11:42

CVE-2024-53704 is a high-severity vulnerability impacting SonicWall’s SSLVPN authentication mechanism. This flaw, with a CVSS score of 8.2,...

Sorry! Image not available at this time

Researchers disclosed details of a now-patched Samsung zero-click flaw

securityaffairs.co - 10/Jan 14:45

Researchers at Google Project Zero disclosed a now-patched zero-click vulnerability that affects Samsung devices. Google Project Zero researchers...

Sorry! Image not available at this time

CVE-2024-10957: UpdraftPlus WordPress Plugin Vulnerability

thecyberthrone.in - 06/Jan 09:17

CVE-2024-10957 is a high-severity vulnerability affecting the UpdraftPlus: WP Backup & Migration Plugin for WordPress. This vulnerability, present...

Sorry! Image not available at this time

CVE-2024-21182: Oracle WebLogic Server Flaw Exploit Code Released

thecyberthrone.in - 31/12/2024 07:32

CVE-2024-21182 is a high-severity vulnerability identified in Oracle WebLogic Server. This security flaw affects specific versions of the software,...

Sorry! Image not available at this time

CVE-2024-21182: Oracle WebLogic Server Flaw Exploit Code Released

thecyberthrone.in - 31/12/2024 07:32

CVE-2024-21182 is a high-severity vulnerability identified in Oracle WebLogic Server. This security flaw affects specific versions of the software,...

Sorry! Image not available at this time

CVE-2024-12847: Proof-of-Concept Exploit Code Released

thecyberthrone.in - 11/Jan 06:37

Overview CVE-2024-12847 is a critical security vulnerability affecting certain models of NETGEAR routers, notably the DGN1000 and DGN2200 v1. This...

Sorry! Image not available at this time

Hackers exploit Four-Faith router flaw to open reverse shells

bleepingcomputer.com - 30/12/2024 18:03

Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open...

Sorry! Image not available at this time

LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113

securityaffairs.co - 03/Jan 09:42

Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability...

Sorry! Image not available at this time

CVE-2024-11944: TrueNAS CORE has Severe Directory Traversal Flaw

thecyberthrone.in - 04/Jan 05:23

CVE-2024-11944 is a vulnerability identified in iXsystems TrueNAS CORE. This vulnerability is classified as a Directory Traversal and Remote Code...

Les derniers communiqués

  • Aucun élément