Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

January 17, 2025

Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.
“These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker

Source: Read More

Previous ArticleMonitor server-side latency for Amazon MemoryDB for Valkey

Next Article UEFI Secure Boot: Not so secure?

Highlights

CVE-2025-4963 – “WordPress WP Extended Stored Cross-Site Scripting”

May 28, 2025

CVE ID : CVE-2025-4963

Published : May 28, 2025, 10:15 a.m. | 1 hour, 20 minutes ago

Description : The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

Alienware’s rumored laptop could be the first to feature NVIDIA’s revolutionary Arm-based APU

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

From Kitchen To Conversion

Perficient Included in Forrester’s AI Technical Services Landscape, Q2 2025

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

The Open Source LLM Agent Handbook: How to Automate Complex Tasks with LangGraph and CrewAI

Markus Buehler receives 2025 Washington Award

Error’d: The State of the Arts

Best practice for UI testing an app in kiosk mode

Rilasciata Solus 4.7 “Endurance”: L’ultima versione della distribuzione GNU/Linux indipendente e rolling-release

CVE-2025-3597 – Firelight Lightbox WordPress Plugin Cross-Site Scripting Vulnerability

CVE-2025-4963 – “WordPress WP Extended Stored Cross-Site Scripting”

Chess Clock – time games of over-the-board chess

CVE-2025-3968 – Codeprojects News Publishing Site Dashboard SQL Injection Vulnerability

Building SaaS Website #13: Single Page Applications (SPA) – Admin Panel (Part 1)

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Related Posts