Maroc Maroc - THECYBERTHRONE.IN - Top Stories - 10/12/2024 10:40

WordPress WPForms flaw CVE-2024-11205

A critical vulnerability has been discovered in the WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe payments and cancellations of Stripe subscriptions. The vulnerability, tracked as CVE-2024-11205 with a CVSS score of 7.5, stems from the ajax_single_payment_refund() and ajax_single_payment_cancel() functions within the plugin’s SingleActionsHandler class. […]

Related articles

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

securityaffairs.co - 18/Mar 15:06

CVE-2026-32746 is a critical flaw in GNU InetUtils telnetd that allows remote attackers to execute code with elevated privileges Cybersecurity company...

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

itsecuritynews.info - 18/Mar 06:09

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an...

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

securityaffairs.co - 12/Mar 13:25

An unauthenticated SQL injection flaw (CVE-2026-2413) in the Ally WordPress plugin, used on 400K+ sites, could allow attackers to steal sensitive...

New Kubernetes NFS CSI Vulnerability Enables Unauthorized Directory Deletion and Changes

itsecuritynews.info - 18/Mar 07:05

A newly disclosed security flaw in the Kubernetes Container Storage Interface (CSI) Driver for Network File System (NFS) exposes storage servers to...

Cisco Secure Firewall Management Flaw Allows Remote Code Execution

itsecuritynews.info - 05/Mar 08:32

Cisco recently disclosed a critical security vulnerability affecting its Secure Firewall Management Centre (FMC) software. This severe flaw carries a...

FortiClient Hit by Severe SQL Injection Vulnerability Enabling Database Intrusion

itsecuritynews.info - 18/Mar 06:09

Cybersecurity researchers have detailed a critical security flaw in Fortinet’s FortiClient Enterprise Management Server (EMS). Tracked as...