The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in ...
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via '_name[]' Array Parameter...
The WP Photo Album Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'subtext' parameter in all versions up to, and in...
AI assistants like ChatGPT are supposed to be safe to use, with appropriate guardrails to stop people creating harmful content. However, a British ...
poc-exploit-harden-runner...
CVE-2025-24054 — Detection & Mitigation Lab Project log for a defensive security lab on CVE-2025-24054, the Windows New Technology LAN Manager NTLM...
Missing Authorization vulnerability in WofficeIO Woffice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affec...
The MotoPress Appointment Booking plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and incl...
The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'layoutstyle' parameter in a...
Cloud-Security-Portfolio Offensive AWS security portfolio — IAM privilege escalation, S3 misconfig exploitation, and cloud attack path documentatio...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.