CVE Alert: CVE-2025-48345
Vulnerability Summary: CVE-2025-48345 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft Contact Form 7 Editor...
CVE Alert: CVE-2025-48300
Vulnerability Summary: CVE-2025-48300 Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows Upload a Web Shell...
CVE Alert: CVE-2025-52779
Vulnerability Summary: CVE-2025-52779 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karimmughal Dot html,php,xml etc pages...
CVE Alert: CVE-2025-48291
Vulnerability Summary: CVE-2025-48291 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer...
CVE Alert: CVE-2025-52777
Vulnerability Summary: CVE-2025-52777 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmsMinds Pay with Contact Form...
CVE Alert: CVE-2025-48339
Vulnerability Summary: CVE-2025-48339 Missing Authorization vulnerability in activity-log.com Profiler - What Slowing Down Your WP allows Exploiting Incorrectly Configured Access...
CVE Alert: CVE-2025-49876
Vulnerability Summary: CVE-2025-49876 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows...
CVE Alert: CVE-2025-49884
Vulnerability Summary: CVE-2025-49884 Missing Authorization vulnerability in alexvtn Internal Linking of Related Contents allows Exploiting Incorrectly Configured Access Control Security...
CVE Alert: CVE-2025-50028
Vulnerability Summary: CVE-2025-50028 Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This...
CVE Alert: CVE-2025-49888
Vulnerability Summary: CVE-2025-49888 Missing Authorization vulnerability in pimwick PW WooCommerce On Sale! allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-52714
Vulnerability Summary: CVE-2025-52714 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler allows...
CVE Alert: CVE-2025-52787
Vulnerability Summary: CVE-2025-52787 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EZiHosting Tennis Court Bookings allows...
CVE Alert: CVE-2025-52804
Vulnerability Summary: CVE-2025-52804 Missing Authorization vulnerability in uxper Nuss allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects...
CVE Alert: CVE-2025-52836
Vulnerability Summary: CVE-2025-52836 Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Privilege Escalation. This...
CVE Alert: CVE-2025-52803
Vulnerability Summary: CVE-2025-52803 Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects...
CVE Alert: CVE-2025-52819
Vulnerability Summary: CVE-2025-52819 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pakkemx Pakke Envíos...
HackerOne Bug Bounty Disclosure: reflected-xss-in-manage-tags-notes-field-rishail
Company Name: MainWP Company HackerOne URL: https://hackerone.com/mainwp Submitted By:rishail01Link to Submitters Profile:https://hackerone.com/rishail01 Report Title:Reflected XSS in "Manage Tags" Notes FieldReport...
HackerOne Bug Bounty Disclosure: account-takeover-of-existing-hackerone-accounts-through-scim-provisioning-boy-child
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:boy_child_Link to Submitters Profile:https://hackerone.com/boy_child_ Report Title:Account takeover of existing HackerOne accounts through...
HackerOne Bug Bounty Disclosure: reflected-xss-in-cost-tracker-notes-field-rishail
Company Name: MainWP Company HackerOne URL: https://hackerone.com/mainwp Submitted By:rishail01Link to Submitters Profile:https://hackerone.com/rishail01 Report Title:Reflected XSS in "Cost Tracker" Notes FieldReport...
HackerOne Bug Bounty Disclosure: stored-cross-site-scripting-xss-in-add-contact-name-field-mainwp-plugin-rishail
Company Name: MainWP Company HackerOne URL: https://hackerone.com/mainwp Submitted By:rishail01Link to Submitters Profile:https://hackerone.com/rishail01 Report Title:Stored Cross-Site Scripting (XSS) in "Add Contact"...
HackerOne Bug Bounty Disclosure: reflected-xss-in-create-category-functionality-of-post-creation-module-rishail
Company Name: MainWP Company HackerOne URL: https://hackerone.com/mainwp Submitted By:rishail01Link to Submitters Profile:https://hackerone.com/rishail01 Report Title:Reflected XSS in "Create Category" Functionality of...
[QILIN] – Ransomware Victim: KEP Credit Union KEP
Ransomware Group: QILIN VICTIM NAME: KEP Credit Union KEP NOTE: No files or stolen information are by RedPacket Security. Any...
[AKIRA] – Ransomware Victim: Sib-Tryck Holding
Ransomware Group: AKIRA VICTIM NAME: Sib-Tryck Holding NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[AKIRA] – Ransomware Victim: Fayrefield Foods
Ransomware Group: AKIRA VICTIM NAME: Fayrefield Foods NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
