Aggregator

A vulnerability was found in MagePeople Team Bus Ticket Booking with Seat Reservation Plugin up to 5.4.3 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-49294. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in 김 민준 NAVER Analytics Plugin up to 0.9 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-51700. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in reflectionmedia User Profile Builder Plugin up to 3.12.9 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-12738. The attack can be launched remotely. There is no exploit available.

A vulnerability has been found in nasirahmed Advanced Form Integration Plugin up to 1.95.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-56293. The attack can be initiated remotely. There is no exploit available.

A recently discovered Python script has been flagged as a potential cybersecurity threat due to its use of a clever anti-analysis trick.  This script, which has a low detection rate on VirusTotal (4/59), uses the tkinter library to create a fake “Blue Screen of Death” (BSOD) graphical interface.  The SHA256 hash of the script, which […]

The post Beware of Fake BSOD Delivered by Malicious Python Script appeared first on Cyber Security News.

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority. Users who attempt

Lawsuit Alleges Insurer Used AI Tool in Denying Patients Medically Necessary Care
A proposed class action lawsuit against UnitedHealth Group, which claims the company's insurance unit UnitedHealthcare used artificial intelligence tools to deny Medicare Advantage claims for medically necessary care, has the green light to proceed from a federal judge.

比赛时间：2025.02.22 10:00-2025.02.23 22:00

看雪论坛作者ID：福建炒饭乡会

A vulnerability was found in wpdevelop Email Reminders Plugin up to 2.0.5 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-56292. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in dn88 Highlight Plugin up to 2.0.2 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-56297. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Pektsekye Notify Odoo Plugin up to 1.0.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-56299. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Hometory Mang Board WP Plugin up to 1.8.4 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-56296. The attack may be initiated remotely. There is no exploit available.

攻击者已利用这些漏洞进行“极其复杂”的针对性攻击，威胁敏感数据安全，问题紧迫性极高。

A vulnerability, which was classified as problematic, has been found in Pixelite WP FullCalendar Plugin up to 1.5 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-22261. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Gutentor Plugin up to 3.4.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-22293. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in PixelYourSite Your Smart Pixel Manager Plugin up to 10.0.1.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-22300. The attack can be launched remotely. There is no exploit available.