CVE-2025-0912 - Critical PHP Object Injection and RCE in Donations Widget WordPress Plugin (Up to 3.19.4)
WordPress is all about making things easier, from blogging to taking donations. But sometimes, plugins built to help can be a big risk. One such
CVE-2025-26970 - Code Injection Vulnerability in NotFound Ark Theme Core (Up to 1.70.) — A Complete Guide
On May 2025, security researchers discovered a major vulnerability—CVE-2025-26970—in the popular Ark Theme Core plugin by NotFound. This vulnerability lets attackers inject their
CVE-2025-1799 - Critical SSRF Vulnerability in Zorlan SkyCaiji 2.9 – Detailed Analysis and Exploit
Zorlan SkyCaiji is a popular web scraping and content collection system used by many organizations for managing large-scale data gathering. On June 13, 2024, a
CVE-2025-1791 - Critical Unrestricted File Upload in Zorlan SkyCaiji 2.9 (Complete Exploit Walkthrough)
A critical vulnerability, CVE-2025-1791, was discovered in Zorlan SkyCaiji 2.9. This flaw allows an attacker to upload any file—such as malicious scripts—directly
CVE-2025-0769 - Unauthenticated PHP Object Injection in PixelYourSite 10.1.1.1
WordPress plugins play a vital role in making websites dynamic and feature-rich. However, they can sometimes introduce security risks if not coded carefully. Recently, a
Episode
00:00:00
00:00:00