CVE-2024-1803 - Unpacking the WordPress EmbedPress PDF Block Vulnerability (Up to v3.9.12)
WordPress plugins make building and managing websites easier, but sometimes they also bring in security problems—especially when they don’t check who’s allowed
CVE-2024-34060 - Arbitrary File Write and Remote Code Execution in IrisEVTXModule Before 1..
Published: June 2024
Severity: High
Components Affected: iris-evtx-module (used by iris-web web application)
Quick Summary
A critical security flaw existed in all versions of IrisEVTXModule
CVE-2024-26139 - Privilege Escalation in OpenCTI Lets Attackers Become Admins
OpenCTI is a popular open source platform organizations use to manage their cyber threat intelligence data. It helps security teams gather, analyze, and share information
CVE-2024-3997 - Stored XSS in Prime Slider – Addons For Elementor (Pagepiling Widget) – Exploit Analysis
A critical Stored Cross-Site Scripting (XSS) vulnerability has been discovered in the popular WordPress plugin Prime Slider – Addons For Elementor. Registered under CVE-2024-3997, this flaw
CVE-2024-4378 - How WordPress Premium Addons for Elementor Plugin’s Menu & Shape Widgets Open Doors for Stored XSS Attacks
Date: June 2024
Severity: Medium–High
Affected Plugin: Premium Addons for Elementor
Vulnerable Versions: up to and including 4.10.30
Exploit Type: Stored Cross-Site
Episode
00:00:00
00:00:00