Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

The Nmap Project has officially launched the highly anticipated Nmap 7.96, bringing a wealth of new features, performance upgrades, and bug fixes to the popular network scanning tool. As a fundamental …
Read more

Published Date:
May 08, 2025 (1 week, 2 days ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20188

CVE-2025-27363

CVE-2024-54772

CVE ID : CVE-2025-4610

Published : May 17, 2025, 10:15 a.m. | 2 hours, 53 minutes ago

Description : The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s wpmem_user_memberships shortcode in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4824

Published : May 17, 2025, 10:15 a.m. | 1 hour, 3 minutes ago

Description : A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…