Aggregator

CVE-2025-2276 | Ultimate Dashboard Plugin up to 3.8.7 on WordPress Plugin Activation handle_module_actions authorization

Vuldb Updates
11 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in Ultimate Dashboard Plugin up to 3.8.7 on WordPress. This affects the function handle_module_actions of the component Plugin Activation Handler. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-2276. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-2302 | mihail-barinov Advanced Woo Search Plugin up to 3.28 on WordPress Shortcode aws_search_terms cross site scripting

Vuldb Updates
11 months 4 weeks ago
A vulnerability has been found in mihail-barinov Advanced Woo Search Plugin up to 3.28 on WordPress and classified as problematic. This vulnerability affects the function aws_search_terms of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-2302. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-2576 | Ayyash Studio Plugin up to 1.0.3 on WordPress SVG File Upload cross site scripting

Vuldb Updates
11 months 4 weeks ago
A vulnerability was found in Ayyash Studio Plugin up to 1.0.3 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SVG File Upload Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-2576. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-2573 | Amazing Service Box Addons for WPBakery Page Builder Plugin SVG File cross site scripting

Vuldb Updates
11 months 4 weeks ago
A vulnerability classified as problematic has been found in Amazing Service Box Addons for WPBakery Page Builder Plugin up to 2.0.0 on WordPress. This affects an unknown part of the component SVG File Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-2573. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-30222 | ericcornelissen shescape up to 2.1.1 environment information disclosure (GHSA-66pp-5p9w-q87j)

Vuldb Updates
11 months 4 weeks ago
A vulnerability was found in ericcornelissen shescape up to 2.1.1. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument environment leads to information disclosure. The identification of this vulnerability is CVE-2025-30222. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2016-3325 | Microsoft Internet Explorer 11 wininet.dll ParseStatusLine information disclosure (MS16-104 / EDB-40747)

Vuldb Updates
11 months 4 weeks ago
A vulnerability was found in Microsoft Internet Explorer 11. It has been rated as problematic. Affected by this issue is the function CHttpHeaderParser::ParseStatusLine in the library wininet.dll. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2016-3325. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Chainguard VMs reduces risk and engineering complexity

Help Net Security
11 months 4 weeks ago

Chainguard announced Chainguard VMs, a new product line offering minimal, zero-CVE virtual machine images built entirely from source. Purpose-built for modern, ephemeral workloads in the cloud, Chainguard VMs represent a stark contrast to the legacy, general-purpose VMs that dominate the market today. Chainguard VMs are guarded container host images, which offer a cloud-agnostic, threat-resistant environment for deploying and running containers. Chainguard VMs will help enterprises reduce costly engineering toil associated with container host maintenance and … More →

The post Chainguard VMs reduces risk and engineering complexity appeared first on Help Net Security.

Industry News

Managed ad