Posted by Angelo Barbosa | Jan 27, 2025 | CVE
A vulnerability was found in Apache Cocoon. It has been classified as problematic. Affected is an unknown function. The manipulation leads to incorrect usage of seeds in prng. This vulnerability is traded as CVE-2025-24783. Attacking locally is a requirement. There is no exploit available. It is recommended to apply the suggested...
Read MorePosted by Angelo Barbosa | Jan 27, 2025 | CVE
A vulnerability was found in Bridge Core Plugin up to 3.3 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2025-24744. The attack can be initiated remotely. There is no exploit...
Read MorePosted by Angelo Barbosa | Jan 27, 2025 | CVE
A vulnerability, which was classified as problematic, was found in Sprout Invoices Client Invoicing Plugin up to 20.8.1 on WordPress. This affects an unknown part. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-24606. It is possible to initiate the attack remotely. There is no exploit...
Read MorePosted by Angelo Barbosa | Jan 27, 2025 | CVE
A vulnerability, which was classified as problematic, has been found in The Events Calendar Plugin up to 6.7.0 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-24537. The attack may be launched remotely. There is no exploit...
Read MorePosted by Angelo Barbosa | Jan 27, 2025 | CVE
A vulnerability classified as problematic was found in slaFFik BuddyPress Groups Extras Plugin up to 3.6.10 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-24538. The attack can be launched remotely. There is no exploit...
Read More