CVE-2024-53794 - Deep Dive Into Stored XSS in Arkhe Blocks by LOOS,Inc. (Up to 2.27.)
Cross-Site Scripting (XSS) still plagues modern web apps, and the vulnerability CVE-2024-53794 shows just how easy it is for stored XSS attacks
CVE-2024-11728 - Critical SQL Injection in KiviCare WordPress Plugin Exposes Patient Data
The web is an increasingly popular place for healthcare management, but security oversights can put sensitive information at risk. Recently, security researchers and the Wordfence
CVE-2024-10879 - How ForumWP for WordPress Exposed Sites to Reflected XSS (& Exploit Guide)
WordPress powers millions of websites, and plugins are a big reason for that popularity. However, plugins can sometimes introduce security risks, and CVE-2024-10879
CVE-2024-5020: Multiple WordPress Plugins Vulnerable to Stored Cross-Site Scripting (XSS) via FancyBox JavaScript Library
Security researchers have discovered a critical vulnerability, CVE-2024-5020, in multiple plugins for WordPress, including versions 1.3.4 to 3.5.7 of
CVE-2024-53738 - Exploiting SSRF in Asset CleanUp: Page Speed Booster Plugin
Published: June 2024
Vulnerability Type: Server-Side Request Forgery (SSRF)
Affected Software: Asset CleanUp: Page Speed Booster WordPress Plugin
Vulnerable Versions: All versions up to
Episode
00:00:00
00:00:00