CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2024-51735: Cross-Site Scripting Vulnerability in the Osmedeus Offensive Security Tool
Osmedeus, a popular workflow engine used in offensive security, is impacted by a critical Cross-Site Scripting (XSS) vulnerability (CVE-2024-51735). When users view results generated by…
Read more >
RCE Vulnerability in GiveWP Plugin (CVE-2024-9634) Exposes 100,000+ WordPress Sites to Complete Takeover
CVE-2024-9634, a critical RCE vulnerability in the GiveWP plugin, enables unauthenticated code execution on 100,000+ WordPress sites—update to version 3.16.4 immediately to prevent site takeover…
Read more >
Vulnerability in Jetpack Plugin (Affects 27M+ WordPress Sites): Immediate Update Required to Prevent Data Exposure
A critical vulnerability in the Jetpack plugin’s Contact Form feature affects 27M+ WordPress sites, risking unauthorized data access—update to version 13.9.1 immediately to secure sensitive…
Read more >
CVE-2024-47374: Stored XSS Vulnerability in LiteSpeed Cache Plugin Puts 6M+ WordPress Sites at Risk
A high-severity stored XSS vulnerability (CVE-2024-47374) in the LiteSpeed Cache plugin allows unauthenticated script injection on over 6 million WordPress sites—update to version 6.5.1 immediately…
Read more >
CVE-2024-7772 & CVE-2024-7781: RCE and Account Takeover Vulnerabilities in Jupiter X Core Plugin Put 90,000+ WordPress Sites at Risk
Two critical vulnerabilities in the Jupiter X Core plugin (CVE-2024-7772 & CVE-2024-7781) expose over 90,000 WordPress sites to remote code execution and account takeover risks—immediate…
Read more >
CVE-2024-8275: SQL Injection Vulnerability in ‘The Events Calendar’ Plugin Puts 700,000+ WordPress Sites at Risk
A critical SQL injection vulnerability (CVE-2024-8275) in The Events Calendar plugin allows unauthenticated attackers to execute arbitrary SQL commands, risking data exposure and database integrity…
Read more >
