Aggregator
CVE-2025-26775 | RealMag777 Bear Plugin up to 1.1.4.4 on WordPress cross site scripting
CVE-2025-26778 | Gallery Plugin up to 2.2.1 on WordPress cross site scripting
CVE-2025-26770 | Joe Waymark Plugin up to 1.5.0 on WordPress cross site scripting
Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB
Multiple vulnerabilities in enterprise-grade Xerox Versalink C7025 multifunction printers (MFPs) enable attackers to intercept authentication credentials from Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) services. Designated as CVE-2024-12510 and CVE-2024-12511, these flaws allow malicious actors to execute “pass-back attacks” – a technique that redirects device authentication attempts to attacker-controlled systems. The vulnerabilities, […]
The post Xerox Printers Vulnerability Let Attackers Capture Authentication Data From LDAP & SMB appeared first on Cyber Security News.
CVE-2016-7190 | Microsoft Edge Scripting Engine memory corruption (MS16-119 / EDB-40602)
马斯克DOGE网站被黑,惊现“这是一个.gov网站的笑话” ;《个人信息保护合规审计管理办法》发布,5月起施行 | 牛览
研究认为人类可能并不孤单
Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely
A sophisticated malware campaign has recently been uncovered by security researchers at Sucuri, targeting WordPress websites through hidden malware and backdoors in the mu-plugins directory. This attack chain allows remote execution of malicious code, enabling full server compromise, data theft, and persistent control over infected sites. The /wp-content/mu-plugins/ directory – designed for “must-use” plugins that […]
The post Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely appeared first on Cyber Security News.