CVE Alert: CVE-2025-6459
Vulnerability Summary: CVE-2025-6459 The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request...
CVE Alert: CVE-2025-6686
Vulnerability Summary: CVE-2025-6686 The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE Alert: CVE-2025-5817
Vulnerability Summary: CVE-2025-5817 The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
CVE Alert: CVE-2025-5746
Vulnerability Summary: CVE-2025-5746 The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary...
CVE Alert: CVE-2025-6463
Vulnerability Summary: CVE-2025-6463 The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable...
CVE Alert: CVE-2025-52462
Vulnerability Summary: CVE-2025-52462 Cross-site scripting vulnerability exists in Active! mail 6 BuildInfo: 6.30.01004145 to 6.60.06008562. If this vulnerability is exploited,...
CVE Alert: CVE-2025-52463
Vulnerability Summary: CVE-2025-52463 Cross-site request forgery vulnerability exists in Active! mail 6 BuildInfo: 6.60.06008562 and earlier. If this vulnerability is...
CVE Alert: CVE-2025-6687
Vulnerability Summary: CVE-2025-6687 The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE Alert: CVE-2024-13451
Vulnerability Summary: CVE-2024-13451 The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom...
[QILIN] – Ransomware Victim: Punta Del Agua
Ransomware Group: QILIN VICTIM NAME: Punta Del Agua NOTE: No files or stolen information are by RedPacket Security. Any legal...
[EVEREST] – Ransomware Victim: Avantic Medical Lab – Full leak published
Ransomware Group: EVEREST VICTIM NAME: Avantic Medical Lab - Full leak published NOTE: No files or stolen information are by...
[EVEREST] – Ransomware Victim: Arlington Occupational Health and Wellness – Full leak published
Ransomware Group: EVEREST VICTIM NAME: Arlington Occupational Health and Wellness - Full leak published NOTE: No files or stolen information...
CVE Alert: CVE-2025-24328
Vulnerability Summary: CVE-2025-24328 Sending a crafted SOAP "set" operation message within the Mobile Network Operator (MNO) internal Radio Access Network...
CVE Alert: CVE-2025-6464
Vulnerability Summary: CVE-2025-6464 The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable...
CVE Alert: CVE-2025-6017
Vulnerability Summary: CVE-2025-6017 A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before...
CVE Alert: CVE-2024-13786
Vulnerability Summary: CVE-2024-13786 The education theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and...
CVE Alert: CVE-2025-24334
Vulnerability Summary: CVE-2025-24334 The Nokia Single RAN baseband software earlier than 23R2-SR 1.0 MP can be made to reveal the...
CVE Alert: CVE-2025-24333
Vulnerability Summary: CVE-2025-24333 Nokia Single RAN baseband software earlier than 24R1-SR 1.0 MP contains administrative shell input validation fault, which...
CVE Alert: CVE-2025-24332
Vulnerability Summary: CVE-2025-24332 Nokia Single RAN AirScale baseband allows an authenticated administrative user access to all physical boards after performing...
CVE Alert: CVE-2025-24329
Vulnerability Summary: CVE-2025-24329 Sending a crafted SOAP "provision" operation message archive field within the Mobile Network Operator (MNO) internal Radio...
CVE Alert: CVE-2025-24330
Vulnerability Summary: CVE-2025-24330 Sending a crafted SOAP "provision" operation message PlanId field within the Mobile Network Operator (MNO) internal Radio...
CVE Alert: CVE-2025-24331
Vulnerability Summary: CVE-2025-24331 The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially...
HackerOne Bug Bounty Disclosure: authorization-header-leak-via-location-trusted-in-curl-voggerloops
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:voggerloopsLink to Submitters Profile:https://hackerone.com/voggerloops Report Title:Authorization Header Leak via --location-trusted in CurlReport...
HackerOne Bug Bounty Disclosure: subdomain-takeover-on-live-firefox-com-martinvw
Company Name: Mozilla Company HackerOne URL: https://hackerone.com/mozilla Submitted By:martinvwLink to Submitters Profile:https://hackerone.com/martinvw Report Title:Subdomain takeover on livefirefoxcomReport Link:https://hackerone.com/reports/2899858Date Submitted:03 July...
