The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the recieve_post, bmc_disconnect, name_post, a ...

Continue Reading

July 11, 2023

The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the recieve_post, bmc_disconnect, name ...

Continue Reading

July 11, 2023

SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary cod ...

Continue Reading

July 10, 2023

# CVE-2023-34362 POC for CVE-2023-34362 affecting MOVEit Transfe...Read More ...

Continue Reading

July 09, 2023

A potential Cross Site Scripting (XSS) vulnerablity ([CVE-2022-36180](https://security-tracker.debian.org/tracker/CVE-2022-36180)) and session handling vulnerability ([CVE-2022-36179](https://security ...

Continue Reading

July 08, 2023

[]() Secrets are meant to be hidden or, at the very least, only known to a specif ...

Continue Reading

July 07, 2023

[]() Cybersecurity researchers have unearthed an attack infrast ...

Continue Reading

July 07, 2023

Many organizations utilize third-party apps for identity security solutions to automate and unburden overtaxed IT admins from tedious tasks that employees can perform via self-service without IT assis ...

Continue Reading

July 01, 2023

## Summary Potential Enyoy security bypass vulnerability ( CVE-2022-25881) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional informat ...

Continue Reading

July 01, 2023

Post ContentRead More ...

Continue Reading

July 01, 2023