Poster - CVE CyberSecurity Database News (Page 391)

Dec 31, 2024 WordPress API Exploit

CVE-2024-11972 - Critical Unauthorized Plugin Installation in Hunk Companion for WordPress (Exploit Example + Analysis)

A major security flaw, CVE-2024-11972, has been found in the Hunk Companion WordPress plugin, affecting all versions before 1.9.. This vulnerability allows anyone on

Dec 30, 2024 API

CVE-2024-56799 - Unauthenticated API Access Vulnerability in Simofa – Detailed Analysis and Exploit Guide

Simofa has been making waves in the web development world as a handy tool to automate static website building and deployment. Its promise of simple

Dec 30, 2024 Exploit

CVE-2024-12828 - Webmin CGI Command Injection Allows Remote Code Execution (RCE) as Root

In early 2024, security researchers uncovered a critical vulnerability in Webmin, an open-source web-based system administration tool used by millions of servers worldwide. Tracked as

Dec 30, 2024 Windows Exploit

CVE-2024-12754 - Exploiting AnyDesk’s Link Following Flaw for Info Disclosure

AnyDesk is a widely-used remote desktop application trusted by millions across the world. However, CVE-2024-12754 highlights a serious information disclosure vulnerability in how AnyDesk handles

Dec 30, 2024

CVE-2024-56734 - Open Redirect Vulnerability in Better Auth Email Verification (`<= v1.1.5`)

Better Auth is a popular authentication library for TypeScript projects. Recently, a security issue has been discovered: a serious open redirect vulnerability exists in the