A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...
Continue Reading
August 05, 2025
The vulnerability allowed unauthorized disclosure of private email addresses of WakaTime users through the private leaderboards feature. The email addresses were exposed to leaderboard creators and me ...
Continue Reading
August 05, 2025
A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field under the Manage Tags section. Arbitrary input entered into this field was reflected ba ...
Continue Reading
August 05, 2025
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
Vulnerability description not...Read More ...
Continue Reading
August 05, 2025
The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...
Continue Reading
August 05, 2025
The WordPress CMS version was exposed in the XML file at https://hemi.xyz███. This disclosure allowed attackers to fingerprint the CMS...Read More ...
Continue Reading
August 05, 2025
A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...
Continue Reading
August 05, 2025
Back to Main
