30 minutes to pwn town: Are speedy responses more important than backups for recovery?
The industry’s approach to keeping quality backups may be masking the importance of other...
Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has...
Have We Reached a Distroless Tipping Point?
There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how...
Benchmarks Find ‘DeepSeek-V3-0324 Is More Vulnerable Than Qwen2.5-Max’
While the latest iteration of Qwen2.5-Max outperforms DeepSeek-V3 on security, the AI model lags...
Alan Turing Institute: UK can't handle a fight against AI-enabled crims
Law enforcement facing huge gap in 'AI adoption' The National Crime Agency (NCA) will...
Windows 11 Forces Microsoft Account Sign In & Removes Bypass Trick Option
Microsoft is killing the Windows 11 bypass trick — soon, all setups will require internet and a...
North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds
The attackers pose as legitimate remote IT workers, looking to both generate revenue and access...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
Latest Vulnerabilities
-
CVE-2025-3184
7.3A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file...
-
CVE-2025-3185
7.3A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been classified as critical. Affected is an unknown function of the file...
-
CVE-2025-3181
7.3A vulnerability, which was classified as critical, has been found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this issue is some unknown functionality of the file...
-
CVE-2025-3182
7.3A vulnerability, which was classified as critical, was found in projectworlds Online Doctor Appointment Booking System 1.0. This affects an unknown part of the file /patient/getschedule.php. The...
-
CVE-2025-3183
7.3A vulnerability has been found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file...
Latest Critical Vulnerabilities
-
CVE-2025-2005
9.8The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and...
-
CVE-2024-13553
9.8The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.7.9. This is due to the...
-
CVE-2025-2237
9.8The WP RealEstate plugin for WordPress, used by the Homeo theme, is vulnerable to authentication bypass in all versions up to, and including, 1.6.26. This is due to insufficient role restrictions...
-
CVE-2025-31084
9.8Deserialization of Untrusted Data vulnerability in sunshinephotocart Sunshine Photo Cart allows Object Injection. This issue affects Sunshine Photo Cart: from n/a through 3.4.10.
-
CVE-2025-3011
9.8SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
-
CVE-2025-2266
9.8The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the...
-
CVE-2025-2294
9.8The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. This makes it...
-
CVE-2025-2332
9.8The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 via deserialization of untrusted input...