Aggregator

A vulnerability was found in AdPlug. It has been declared as critical. This vulnerability affects unknown code of the file s3m.cpp. The manipulation leads to memory corruption. This vulnerability was named CVE-2006-3581. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. PlayStation Network outage has been going on for over 24 hours Kimsuky APT group used custom RDP Wrapper […]

A vulnerability was found in Custom CSS Addons Plugin up to 1.9.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-23578. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in History timeline Plugin up to 0.7.2 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-23475. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Customizable Captcha and Contact Us Plugin up to 1.0.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-23503. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Cyber Slider Plugin up to 1.1 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-23630. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in WH Cache & Security Plugin up to 1.1.2 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-23611. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in ReadMe Creator Plugin up to 1.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-23643. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Camoo Sarl CAMOO SMS Plugin up to 3.0.1 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-23607. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in AWcode & PDSonline Unique UX Plugin up to 0.9.2 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-23625. It is possible to launch the attack remotely. There is no exploit available.

Are your defenses truly battle-tested? Security validation ensures you're not just hoping your security works—it proves it. Learn more from Pentera on how to validate against ransomware, credential threats, and unpatched vulnerabilities in the GOAT Guide. [...]

A vulnerability has been found in Ultimate Events Plugin up to 1.3.3 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-23610. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Content Planner Plugin up to 1.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-23631. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Helmuth Lammer Tagesteller Plugin up to .1.1 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-23609. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Instant Appointment Plugin up to 1.2 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-23672. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Bit.ly linker Plugin up to 1.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-23674. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Simple Shortcode Buttons Plugin up to 1.3.2 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-23449. It is possible to launch the attack remotely. There is no exploit available.

在与国际货币基金组织(IMF)敲定贷款条款后，萨尔瓦多议会以 55:2 的结果批准了比特币法的修正案，事实上取消了比特币的法币地位。其中一项变化是比特币不再被视为“货币”，虽然它仍然是“法币（legal tender）”。另一项变化是使用比特币完全自愿。此前法律规定企业必须接受比特币付款。比特币不能再用于纳税或偿还政府债务。政府还退出了数字钱包项目 Chivo Wallet。14 亿美元的 IMF 贷款条件之一是降低比特币项目的潜在风险。自 2021 年比特币成为萨尔瓦多法币之后，IMF 一直持批评立场。虽然在法律上发生了这些变化，萨尔瓦多政府官员仍然表示将会维持甚至扩大比特币储备。数据显示，萨尔瓦多持有 6,072 枚比特币，价值 逾 5800 万美元。

A vulnerability, which was classified as problematic, has been found in WooCommerce Order Search Plugin up to 1.1.0 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-23495. The attack may be launched remotely. There is no exploit available.