Security
Headlines
HeadlinesLatestCVEs

Headline

WordPress Plugin Bug Lets Subscribers Wipe Sites

The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.

Threatpost
#Vulnerabilities#Web Security

Related news

CVE-2021-37777: Gila CMS Vulnerabilities | Navid Kagalwalla

Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by one site owner are visible by another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure.

Threatpost: Latest News

Student Loan Breach Exposes 2.5M Records