Overview
- jayarsiech
- JAY Login & Register
Description
Statistics
- 1 Post
Fediverse
🚨 CRITICAL: CVE-2025-14440 in JAY Login & Register plugin (≤2.4.01) enables auth bypass—attackers can hijack any WordPress account, incl. admin. Disable plugin & monitor now. No patch yet. https://radar.offseq.com/threat/cve-2025-14440-cwe-565-reliance-on-cookies-without-51904fb2 #OffSeq #WordPress #Infosec #CVE202514440
Overview
- recorp
- Export WP Pages to HTML & PDF – Simply Create a Static Website
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2025-11693 (CRITICAL, CVSS 9.8): recorp Export WP Pages to HTML & PDF plugin exposes admin cookies via cookies.txt — risk of WordPress site takeover. Disable plugin & secure backups. No patch yet. https://radar.offseq.com/threat/cve-2025-11693-cwe-200-exposure-of-sensitive-infor-d010e42a #OffSeq #WordPress #Vuln #Infosec
Overview
Description
Statistics
- 1 Post
Fediverse
https://www.docker.com/blog/security-that-strengthens-the-ecosystem-dockers-upstream-approach-to-cve-2025-12735/ - #Docker hardened #images fix #vulnerabilities FAST! I love they're contributing to upstream too.
Overview
Description
Statistics
- 1 Post
Fediverse
If you needed a reason to update your Mac to 26.2 sooner rather than later:
App Store
Available for: macOS Tahoe
Impact: An app may be able to access sensitive payment tokens
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-46288: floeki, Zhongcheng Li from IES Red Team of ByteDance
Source: https://support.apple.com/en-us/125886
(In case you're wondering, yes this CVE does impact iPad and iPhone as well.)
Overview
- FreePBX
- security-reporting
Description
Statistics
- 2 Posts
Bluesky
Overview
Description
Statistics
- 1 Post
Fediverse
⚠️ CRITICAL: CVE-2025-65854 in MineAdmin v3.x—Insecure scheduled tasks allow arbitrary command execution & possible full account takeover. Audit permissions, restrict access, and monitor logs ASAP. More: https://radar.offseq.com/threat/cve-2025-65854-na-a27cd0ac #OffSeq #Vuln #MineAdmin #Sysadmin
Overview
- listingthemes
- WP Directory Kit
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2025-13089: HIGH-severity SQL Injection in WP Directory Kit (all versions). Unauthenticated attackers can leak sensitive DB info via 'hide_fields' & 'attr_search'. Mitigate: disable plugin or use WAF. https://radar.offseq.com/threat/cve-2025-13089-cwe-89-improper-neutralization-of-s-39a10248 #OffSeq #WordPress #Vuln #SQLi