Aggregator

火绒安全先后斩获"基于深度学习的恶意样本自动分析方法及系统" 与"一种基于PE虚拟沙盒实现.NET虚拟沙盒的方法"两项国家发明专利

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

WannaCry, the ransomware attack that changed the history of cybersecurity

WannaCry showed how unpatched flaws and leaked cyber tools can cripple global systems, reshaping cybersecurity defenses worldwide. In memory of the day the digital world was shaken, but learned to fight back. The WannaCry ransomware attack represents one of the most significant events in recent cybersecurity history, not only for its global scale but also […]

HiddenLayer reveals infostealer malware in a Hugging Face repository

Пассворк получил сертификат ФСТЭК России № 5063 по 4-му уровню доверия, наивысшему для коммерческих СЗИ

A vulnerability was found in davidskysa Skysa Text Ticker App Plugin up to 1.4 on WordPress. It has been rated as problematic. This issue affects the function SkysaApps_Admin_AppPage of the component Scrolling Message Handler. This manipulation causes cross-site request forgery. This vulnerability is handled as CVE-2026-6710. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in shamim_d Bootstrap Shortcode Plugin up to 1.0 on WordPress. It has been declared as problematic. This vulnerability affects the function box of the component Shortcode Handler. The manipulation results in cross site scripting. This vulnerability is known as CVE-2026-7661. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in webpack-dev-server up to 5.2.3. It has been classified as problematic. This affects an unknown part. The manipulation leads to exposed dangerous routine. This vulnerability is traded as CVE-2026-6402. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability was found in riotweb Advanced Social Media Icons Plugin up to 1.2 on WordPress and classified as problematic. Affected by this issue is the function social of the component Shortcode Handler. Executing a manipulation can lead to cross site scripting. This vulnerability appears as CVE-2026-7659. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability has been found in phkcorp2005 WP-Redirection Plugin up to 1.0.3 on WordPress and classified as problematic. Affected by this vulnerability is the function check_admin_referer of the component Setting Handler. Performing a manipulation of the argument nonce results in cross-site request forgery. This vulnerability is reported as CVE-2026-7562. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in tienrocker Tm Plugin up to 1.2 on WordPress. Affected is an unknown function of the component Setting Handler. Such manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2026-7561. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in moch-a AzonPost Plugin up to 1.3 on WordPress. This impacts an unknown function. This manipulation of the argument editpos_hidden causes cross site scripting. This vulnerability is registered as CVE-2026-7437. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic was found in patilswapnilv Shortcodely Plugin up to 1.0.1 on WordPress. This affects an unknown function of the component Shortcode Handler. The manipulation of the argument widget_area results in cross site scripting. This vulnerability is cataloged as CVE-2026-6913. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in optimalplugins Pricing Tables for WP Plugin up to 1.1.0 on WordPress. The impacted element is an unknown function. The manipulation of the argument page leads to cross site scripting. This vulnerability is listed as CVE-2026-6808. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in ashanjay LifePress Plugin up to 2.2.2 on WordPress. The affected element is the function wp_ajax_nopriv_lp_update_mds of the component Setting Handler. Executing a manipulation of the argument n can lead to cross site scripting. This vulnerability is tracked as CVE-2026-6690. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in jashjacob Credits Shortcode Plugin up to 1.2 on WordPress. Impacted is the function Credits of the component Shortcode Handler. Performing a manipulation of the argument Link results in cross site scripting. This vulnerability is identified as CVE-2026-6256. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.