Aggregator

Submit #836751 / VDB-369162

A vulnerability was found in Sonaar Music Plugin 4.7 and classified as problematic. The impacted element is an unknown function of the file wp-comments-post.php. The manipulation of the argument Comment results in cross site scripting. This vulnerability is identified as CVE-2023-54351. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in WP24 Domain Check 1.6.2 on WordPress and classified as problematic. The affected element is an unknown function of the file options.php. The manipulation of the argument fieldnameDomain leads to cross site scripting. This vulnerability is referenced as CVE-2021-47984. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as problematic, was found in mra13 Accept Stripe Payments 2.0.39 on WordPress. Impacted is an unknown function of the file /wp-admin/options.php of the component Setting Handler. Executing a manipulation of the argument AcceptStripePayments-settings[currency_code] can lead to cross site scripting. The identification of this vulnerability is CVE-2021-47983. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in background-image-cropper Background Image Cropper 1.2. This issue affects some unknown processing of the file ups.php of the component PHP File Handler. Performing a manipulation results in unrestricted upload. This vulnerability was named CVE-2024-58348. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability classified as critical was found in webandprint Augmented Reality 7.0 on WordPress. This vulnerability affects unknown code of the file connector.minimal.php of the component PHP File Handler. Such manipulation leads to missing authentication. This vulnerability is uniquely identified as CVE-2023-54350. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability classified as critical has been found in WP Travel Kit Travelscape 1.0.3. This affects an unknown part of the file /wp-content/themes/seotheme/mar.php. This manipulation causes missing authentication. This vulnerability is handled as CVE-2023-54352. The attack can be initiated remotely. Additionally, an exploit exists.

Name: SAS CTF 2026 Quals (an SAS CTF event.)
Date: June 6, 2026, noon — 07 June 2026, 12:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.thesascon.com/
Rating weight: 31.00
Event organizers: Drovosec SAS CREW

Name: DalCTF 2026 (an DalCTF event.)
Date: June 6, 2026, 1 p.m. — 07 June 2026, 15:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Halifax, Canada and Online
Offical URL: https://dalctf2026.com/
Rating weight: 24.89
Event organizers: HTTP Status 418

Алгоритмы могут начать улучшать себя сами. И лучше бы нам нажать на тормоз — пока не поздно.

Estimative language, evidence discipline, and analytic integrity for cyber threat intelligencePress

11 validated detections from public sources, OpenCTI graph, and a one-command labTable of ContentsPr

Version-controlled threat intelligence — from first call to deployed Sigma rule.Press enter or click

A complete walkthrough of the methodology applied to a real training scenario: pharmaceutical IP the

Map adversary behaviour to MITRE ATT&CK in seconds, compare against 160+ APT groups, and generate PD

By Got Root? | https://medium.com/@got-rootPress enter or click to view image in full sizeOSCP windo

From Recon to RCE — A comprehensive deep-dive into one of JavaScript’s most misunderstood vulnerabil

Исследователь показал технику, при которой агент безопасности не падает, но перестает передавать телеметрию.

中国灵活就业人数今年预计跨越关键规模拐点，达到3.2亿人，成为就业市场的重要支柱。以2025年末中国总就业人数7.25亿人计算，这意味着超过44%处于灵活就业状态。灵活就业群体近年以每年4000万人的