curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

MainWP: Stored Cross-Site Scripting (XSS) in “Add Contact” Name Field – MainWP Plugin

A stored cross-site scripting (XSS) vulnerability was discovered in the MainWP WordPress plugin. The vulnerability was found in the "Add Contact" > Contact Name field, where u ...

Continue Reading

August 12, 2025

WakaTime: Not a Vuln: Race Condition Allows Creation of Multiple Organizations with the Same Name

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage

A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...

Continue Reading

August 12, 2025

curl: GnuTLS CURLINFO_TLS_SESSION / CURLINFO_TLS_SSL_PTR type confusion

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

Nintendo: Man-in-the-middle through broken SSL certificate verification

The vulnerability allowed an attacker to perform a man-in-the-middle attack by bypassing SSL certificate...Read More ...

Continue Reading

August 12, 2025

curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling

Vulnerability description not...Read More ...

Continue Reading

August 12, 2025

1 32,511 32,512 32,513 32,514 32,515 385,998

Back to Main
Subscribe for the latest news: