CVE-2025-1661 - Dangerous Local File Inclusion in HUSKY – Products Filter Professional for WooCommerce (WordPress) Explained
If you’re running a WooCommerce shop on WordPress and use the popular HUSKY – Products Filter Professional plugin, you must read this. There's
CVE-2024-13857 - Server-Side Request Forgery in WPGet API – Connect to any external REST API WordPress Plugin
A severe vulnerability has been discovered in the WPGet API – Connect to any external REST API plugin for WordPress. Tracked as CVE-2024-13857, this flaw exposes
CVE-2025-0912 - Critical PHP Object Injection and RCE in Donations Widget WordPress Plugin (Up to 3.19.4)
WordPress is all about making things easier, from blogging to taking donations. But sometimes, plugins built to help can be a big risk. One such
CVE-2025-26970 - Code Injection Vulnerability in NotFound Ark Theme Core (Up to 1.70.) — A Complete Guide
On May 2025, security researchers discovered a major vulnerability—CVE-2025-26970—in the popular Ark Theme Core plugin by NotFound. This vulnerability lets attackers inject their
CVE-2025-1671 - Privilege Escalation in Academist Membership WordPress Plugin – Complete Analysis & Exploit Walkthrough
In this in-depth blog post, I’ll break down everything you need to know about CVE-2025-1671, a serious vulnerability affecting the Academist Membership plugin for
Episode
00:00:00
00:00:00