CVE-2025-2331 - Sensitive Information Exposure in GiveWP – How Attackers Can Extract Donor Data via Misconfigured Capability Check
CVE-2025-2331 highlights a severe security vulnerability in the GiveWP — Donation Plugin and Fundraising Platform for WordPress, which affects all versions up to and including 3.
CVE-2025-1311 - SQL Injection Vulnerability in WooCommerce Multivendor Marketplace – REST API Plugin (WordPress)
A new and serious security flaw (CVE-2025-1311) was recently discovered in the popular WooCommerce Multivendor Marketplace – REST API plugin for WordPress. This vulnerability allows attackers
CVE-2025-30472 - Stack-Based Buffer Overflow in Corosync’s Token Handling (Exploit Details & Analysis)
CVE-2025-30472 is a critical stack-based buffer overflow vulnerability found in Corosync, the popular cluster engine used in high-availability (HA) systems such as Pacemaker or Proxmox
CVE-2025-30204 - Denial of Service in golang-jwt via ParseUnverified O(n) Memory Allocation
If you’re working with JWTs in Go, you’ve probably relied on the popular golang-jwt package. Recently, a critical vulnerability—CVE-2025-30204—was found in
CVE-2019-16151: FortiOS Vulnerability Exploited for Redirection Attacks and JavaScript Injection
FortiGate, a popular brand of security appliances designed for network protection, recently discovered a vulnerability in its FortiOS software. As reported in CVE-2019-16151, the improper
Episode
00:00:00
00:00:00