MainWP: Stored Cross-Site Scripting (XSS) in “Add Contact” Name Field – MainWP Plugin

A stored cross-site scripting (XSS) vulnerability was discovered in the MainWP WordPress plugin. The vulnerability was found in the "Add Contact" > Contact Name field, where u ...

Continue Reading

August 05, 2025

curl: Use after free (or assert triggered) with failed allocations in openssl

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Uncontrolled File Write/Arbitrary File Creation

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

MainWP: Reflected XSS in “Cost Tracker” Notes Field

The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...

Continue Reading

August 05, 2025

curl: arbitrary file read via `file://` path traversal with `–path-as-is`

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

HackerOne: Account takeover of existing HackerOne accounts through SCIM provisioning

The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email they controlled, import existing users, assign the v ...

Continue Reading

August 05, 2025

curl: Exposure of Private RSA Private Key in curl GitHub Repository

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

1 42,048 42,049 42,050 42,051 42,052 385,998

Back to Main
Subscribe for the latest news: