Tagged: Cybersecurity Alert

Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. More information : https://consumer.huawei.com/en/support/bulletin/2025/10/

Use After Free (UAF) vulnerability in the office service. Successful exploitation of this vulnerability may affect service confidentiality. More information : https://consumer.huawei.com/en/support/bulletin/2025/10/

Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. More information : https://consumer.huawei.com/en/support/bulletin/2025/10/

Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. More information : https://consumer.huawei.com/en/support/bulletin/2025/10/

Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. More information : https://consumer.huawei.com/en/support/bulletin/2025/10/

The Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 27.0.3 via gallery submissions. This makes it...

The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.3 via several wishlist AJAX functions due to missing validation on...

A vulnerability has been found in ywxbear PHP-Bookstore-Website-Example and PHP Basic BookStore Website up to 0e0b9f542f7a2d90a8d7f8c83caca69294e234e4. This issue affects some unknown processing of the file /index.php of the component Quantity Handler. Such manipulation leads...

The CM Registration – Tailored tool for seamless login and invitation-based registrations plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.5.6. This is due to insufficient validation...

The WP Freeio plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.21. This is due to the process_register() function not restricting what user roles a user can...

The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.21.0 via the...

The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s file_modified shortcode in all versions up to, and including, 4.1.6 due to insufficient input sanitization and output escaping...

The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.6.31 due to insufficient escaping on the user supplied parameter and...

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in the action nf_load_form_entries in all versions up to, and including, 9.1.6 due to...