MainWP: Reflected XSS in “Client Notes” Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" functionality under the Edit Client section. User input in the notes input field was not properly s ...

Continue Reading

July 17, 2025

MainWP: Reflected XSS in “Manage Tags” Notes Field

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field under the Manage Tags section. Arbitrary input entered into this field was reflected ba ...

Continue Reading

July 17, 2025

curl: Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

MainWP: Reflected XSS in “Cost Tracker” Notes Field

The reflected Cross-Site Scripting (XSS) vulnerability was discovered in the "Notes" input field of the Cost Tracker section in MainWP (Version 5.4.0.11). Arbitrary user input in thi ...

Continue Reading

July 17, 2025

Hemi VDP: WordPress Version Exposure via ███████ on hemi.xyz

The WordPress CMS version was exposed in the XML file at https://hemi.xyz███. This disclosure allowed attackers to fingerprint the CMS...Read More ...

Continue Reading

July 17, 2025

Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage

A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...

Continue Reading

July 17, 2025

curl: Sensitive information disclosure with malicious netrc file

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c

Vulnerability description not...Read More ...

Continue Reading

July 17, 2025

1 69,061 69,062 69,063 69,064 69,065 385,998

Back to Main
Subscribe for the latest news: