Zero day exploit for Nehelper Wifi Info on iOS 15.0. XPC endpoint com.apple.nehelper accepts user-supplied parameter sdk-version, and if its value is less than or equal to 524288, the com.apple.developer.networking.wifi-info…
Apache James Server 2.3.2 – Remote Command Execution (RCE) (Authenticated) (2)
WordPress Plugin Popup 1.10.4 – Reflected Cross-Site Scripting (XSS)
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 – ‘Add Admin’ Cross-Site Request Forgery (CSRF)
WordPress Plugin Ultimate Maps 1.2.4 – Reflected Cross-Site Scripting (XSS)
WordPress Plugin Contact Form 1.7.14 – Reflected Cross-Site Scripting (XSS)
WordPress Plugin TranslatePress 2.0.8 – Stored Cross-Site Scripting (XSS) (Authenticated)
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 – Hidden Backdoor Account (Write Access)
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 – Remote Privilege Escalation
FatPipe Networks WARP 10.2.2 – Authorization Bypass