Researchers have issued advisories for eleven separate Elementor add-on plugins with 15 vulnerabilities that can make it possible for hackers to upload malicious files. One of them is rated as a high ...

WP Ghost, a popular security plugin, carried a 9.6-severity flaw It allows threat actors to execute malicious code, remotely The developers released a patch, and users should update now WP Ghost, a ...

Security research firm Huntress is warning all users of Gladinet's CentreStack and Triofox file-sharing tools to urgently apply an available mitigation, as a zero-day is being actively exploited and ...

A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and ...

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. Essential Addons for ...

Exploit code has been published for a local file inclusion (LFI) type of vulnerability affecting the Console plugin in Kibana data visualization tool for Elasticsearch; an attacker could use this to ...

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...

A researcher known for exposing application flaws posted screenshots showing Local File Inclusion vulnerabilities on Adult Friend Finder. The incident marks the second time in just over a year that ...

Gladinet CentreStack/Triofox have a zero-day vulnerability The flaw (CVE-2025-11371) enables remote code execution Users should apply mitigation as no patch is available Secure file sharing and remote ...