CVE-2025-1061 - Authentication Bypass Vulnerability in Nextend Social Login Pro Lets Attackers Impersonate Any WordPress User
In early 2025, a critical vulnerability was discovered in the popular Nextend Social Login Pro plugin for WordPress. Tracked as CVE-2025-1061, this flaw impacts plugin
CVE-2024-1211 - GitLab JWT OmniAuth CSRF Vulnerability Explored
If your organization uses GitLab for source control and has enabled JWT as an OmniAuth provider, you may be at risk of a newly disclosed
CVE-2025-22610 - Unauthorized Access to OAuth Secrets in Coolify (Explained and Exploited)
Coolify is an open-source and self-hostable platform that helps developers manage servers, applications, and databases—kind of like your all-in-one digital Swiss Army knife. But
CVE-2025-23040 - GitHub Desktop Vulnerability Leaks User Credentials via Malicious Remote URLs
In early 2025, security researchers and the GitHub Security team identified and patched a significant vulnerability (CVE-2025-23040) in GitHub Desktop, a popular open-source Electron-based application
CVE-2024-13301 - XSS Vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) Explained
Summary:
CVE-2024-13301 is a Cross-Site Scripting (XSS) vulnerability found in the popular Drupal module “OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client)
Episode
00:00:00
00:00:00