Cobalt Strike Beacon Detected – 192[.]9[.]157[.]200:22222
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
CVE Alert: CVE-2025-32587
Vulnerability Summary: CVE-2025-32587 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in pickupp WooCommerce Pickupp allows...
CVE Alert: CVE-2025-32601
Vulnerability Summary: CVE-2025-32601 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in twispay Twispay Credit Card Payments...
CVE Alert: CVE-2025-32589
Vulnerability Summary: CVE-2025-32589 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in odude...
CVE Alert: CVE-2025-32600
Vulnerability Summary: CVE-2025-32600 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tournamatch Tournamatch allows Reflected XSS....
CVE Alert: CVE-2025-32603
Vulnerability Summary: CVE-2025-32603 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in HK WP Online...
CVE Alert: CVE-2025-32599
Vulnerability Summary: CVE-2025-32599 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in miunosoft Task Scheduler allows Reflected...
CVE Alert: CVE-2025-32618
Vulnerability Summary: CVE-2025-32618 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist allows...
CVE Alert: CVE-2025-32632
Vulnerability Summary: CVE-2025-32632 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Automatic Ban IP allows...
CVE Alert: CVE-2025-32614
Vulnerability Summary: CVE-2025-32614 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashan...
CVE Alert: CVE-2025-32607
Vulnerability Summary: CVE-2025-32607 Deserialization of Untrusted Data vulnerability in magepeopleteam WpBookingly allows Object Injection. This issue affects WpBookingly: from n/a...
CVE Alert: CVE-2025-32656
Vulnerability Summary: CVE-2025-32656 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound...
CVE Alert: CVE-2025-32629
Vulnerability Summary: CVE-2025-32629 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CMSJunkie - WordPress Business...
CVE Alert: CVE-2025-32631
Vulnerability Summary: CVE-2025-32631 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in oxygensuite Oxygen MyData for...
CVE Alert: CVE-2025-32654
Vulnerability Summary: CVE-2025-32654 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix...
CVE Alert: CVE-2025-32627
Vulnerability Summary: CVE-2025-32627 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky...
CVE Alert: CVE-2025-32633
Vulnerability Summary: CVE-2025-32633 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in neoslab Database Toolset allows...
CVE Alert: CVE-2025-32650
Vulnerability Summary: CVE-2025-32650 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ability, Inc Accessibility...
CVE Alert: CVE-2025-32671
Vulnerability Summary: CVE-2025-32671 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John Weissberg Print Science...
CVE Alert: CVE-2025-32663
Vulnerability Summary: CVE-2025-32663 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp...
CVE Alert: CVE-2025-32672
Vulnerability Summary: CVE-2025-32672 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme...
CVE Alert: CVE-2025-31362
Vulnerability Summary: CVE-2025-31362 Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be...
CVE Alert: CVE-2025-2128
Vulnerability Summary: CVE-2025-2128 The Cost Calculator Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_ids’ parameter...
CVE Alert: CVE-2025-31932
Vulnerability Summary: CVE-2025-31932 Deserialization of untrusted data issue exists in BizRobo! all versions. If this vulnerability is exploited, an arbitrary...
