MainWP: Reflected XSS in “Cost Tracker” Notes Field
The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...
Continue Reading
August 05, 2025
WakaTime: Not a Vuln: Race Condition Allows Creation of Multiple Organizations with the Same Name
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
curl: OpenSSL HTTP/3 bogus CURLINFO_TLS_SSL_PTR
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
Lichess: Improper Authentication Throttling Allows Attacker-Controlled Account Lockouts
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
curl: Vulnerability Report: Public Exposure of Security Audit File
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
Hemi VDP: WordPress Version Exposure via ███████ on hemi.xyz
The WordPress CMS version was exposed in the XML file at https://hemi.xyz███. This disclosure allowed attackers to fingerprint the CMS...Read More ...
Continue Reading
August 05, 2025
curl: HTTP Request Smuggling Vulnerability Analysis – cURL Security Report
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
Back to Main
