CVE-2024-9707 - WordPress Hunk Companion Plugin Exploit – Unauthorized Plugin Activations and the Road to RCE
CVE-2024-9707 is a serious security bug found in the popular Hunk Companion plugin for WordPress. If your website uses this plugin (versions 1.8.4
CVE-2024-9234 - Critical File Upload Vulnerability in GutenKit WordPress Plugin Explained
Published: June, 2024
Introduction
A major security flaw has been found in the popular GutenKit WordPress plugin, officially tracked as CVE-2024-9234. If your website uses
CVE-2024-9164 - How a GitLab EE Vulnerability Lets Attackers Run Pipelines on Any Branch
- [Proof of Concept: Exploiting Arbitrary Pipeline Execution](#proof-of-concept-exploiting-arbitrary-pipeline-execution)
Introduction
In June 2024, a serious vulnerability (CVE-2024-9164) was disclosed affecting GitLab Enterprise Edition (EE). The
CVE-2024-21534 - Remote Code Execution in jsonpath-plus Before 10..7 — How the Vulnerability Works and How to Stay Safe
jsonpath-plus is a popular Node.js library for evaluating JSONPath expressions over JSON data. It's widely used in projects needing powerful querying capabilities
CVE-2024-3656 - Breaking Down the Keycloak Privilege Escalation Flaw
In June 2024, a critical vulnerability shook the world of open source identity and access management. CVE-2024-3656 was found in Keycloak, a widely used tool
Episode
00:00:00
00:00:00