Aggregator

8 月 31 日发生的阿富汗地震至今已造成逾 3000 人死亡，逾 4000 人受伤。8 月 31 日 23 时 47 分，位于阿富汗邻近巴基斯坦边境的楠格哈尔省与库纳尔省地区发生 MW 6.0 级地震，之后发生了一系列余震，其中两次余震震级超过 5 级：9 月 2 日发生的 5.2 级以及 9 月 4 日的 5.6 级。阿富汗位于印度板块和欧亚板块交汇处，因此地震易发。USGS 估计死亡人数最高可能多达 1 万，有 89 万人受到地震剧烈震动的影响。专家称，地震深度浅、建筑材料质量低（大部分房屋用泥石建造）以及震中下方的地面由软沉积物组成，以及地震前的大雨等因素都导致了此次地震死亡人数巨大。

Currently trending CVE - Hype Score: 16 - TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit ...

Alleged Data Breach of Prosys Ingeniería SpA

A vulnerability described as problematic has been identified in Babar prettyPhoto Plugin up to 1.2.4 on WordPress. Affected by this issue is some unknown functionality. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-58808. The attack can be executed remotely. There is not any exploit available.

A vulnerability marked as problematic has been reported in Themepoints Carousel Ultimate Plugin up to 1.8 on WordPress. Affected by this vulnerability is an unknown functionality. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2025-58820. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability labeled as problematic has been found in PriceListo Best Restaurant Menu Plugin up to 1.4.3 on WordPress. Affected is an unknown function. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-58812. The attack may be launched remotely. There is no exploit available.

A vulnerability identified as problematic has been detected in brijrajs WooCommerce Single Page Checkout Plugin up to 1.2.7 on WordPress. This impacts an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is listed as CVE-2025-58804. The attack may be initiated remotely. There is no available exploit.

A vulnerability categorized as problematic has been discovered in SwiftNinjaPro Developer Tools Blocker Plugin up to 3.2.1 on WordPress. This affects an unknown function. Executing manipulation can lead to cross-site request forgery. This vulnerability is tracked as CVE-2025-58818. The attack can be launched remotely. No exploit exists.

A vulnerability was found in jimmywb Simple Link List Widget Plugin up to 0.3.2 on WordPress. It has been rated as problematic. The impacted element is an unknown function. Performing manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-58810. The attack can be initiated remotely. There is not any exploit available.

A vulnerability was found in Rubel Miah Aitasi Coming Soon Plugin up to 2.0.2 on WordPress. It has been declared as problematic. The affected element is an unknown function. Such manipulation leads to deserialization. This vulnerability is referenced as CVE-2025-58815. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in Ram Ratan Maurya Stagtools Plugin up to 2.3.8 on WordPress. It has been classified as problematic. Impacted is an unknown function. This manipulation causes cross site scripting. The identification of this vulnerability is CVE-2025-58814. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in DesertThemes SoftMe Plugin up to 1.1.24 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation results in missing authorization. This vulnerability was named CVE-2025-58817. The attack may be performed from remote. There is no available exploit.

A vulnerability has been found in WP CodeUs Ultimate Client Dash Plugin up to 4.6 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-58811. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability, which was classified as problematic, was found in usamafarooq Woocommerce Gifts Product Plugin up to 1.0.0 on WordPress. This affects an unknown part. Executing manipulation can lead to cross-site request forgery. This vulnerability is handled as CVE-2025-58878. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as problematic, has been found in OTWthemes Widgetize Pages Light Plugin up to 3.0 on WordPress. Affected by this issue is some unknown functionality. Performing manipulation results in cross site scripting. This vulnerability is known as CVE-2025-58805. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic was found in michalzagdan TrustMate.io Plugin up to 1.14.0 on WordPress. Affected by this vulnerability is an unknown functionality. Such manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2025-58802. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in webvitaly Search by Google Plugin up to 1.9 on WordPress. Affected is an unknown function. This manipulation causes cross site scripting. This vulnerability appears as CVE-2025-58832. The attack may be initiated remotely. There is no available exploit.

A vulnerability described as problematic has been identified in George Sexton Events Calendar Plugin up to 1.5.3 on WordPress. This impacts an unknown function. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-58862. The attack can be launched remotely. No exploit exists.

A vulnerability marked as problematic has been reported in Dejan Markovic Buffer Plugin up to 2020.1.0 on WordPress. This affects an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2025-58846. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as critical has been found in aitool Ai Auto Tool Content Writing Assistant All in One Plugin up to 2.2.6 on WordPress. The impacted element is an unknown function. Executing manipulation can lead to server-side request forgery. This vulnerability is registered as CVE-2025-58829. It is possible to launch the attack remotely. No exploit is available.