CVE-2024-13613 – Wise Chat WordPress Sensitive Information Exposure

May 17, 2025

CVE ID : CVE-2024-13613

Published : May 17, 2025, 12:15 p.m. | 53 minutes ago

Description : The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.3 via the ‘uploads’ directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely in the /wp-content/uploads directory which can contain file attachments included in chat messages. The vulnerability was partially patched in version 3.3.3.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3527 – WordPress EventON Pro Stored Cross-Site Scripting (XSS)

Next Article CVE-2025-3888 – “Jupiter X Core Stored Cross-Site Scripting Vulnerability”

Highlights

CVE-2025-5569 – IdeaCMS SQL Injection Vulnerability

June 4, 2025

CVE ID : CVE-2025-5569

Published : June 4, 2025, 6:15 a.m. | 1 hour, 18 minutes ago

Description : A vulnerability was found in IdeaCMS up to 1.7 and classified as critical. This issue affects the function Article/Goods of the file /api/v1.index.article/getList.html. The manipulation of the argument Field leads to sql injection. The attack may be initiated remotely. Upgrading to version 1.8 is able to address this issue. The patch is named 935aceb4c21338633de6d41e13332f7b9db4fa6a. It is recommended to upgrade the affected component.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2024-13613 – Wise Chat WordPress Sensitive Information Exposure

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

AI-First Transformation Strategy Unfolds at the 3M Open

CVE-2025-4649 – Centreon Web Privilege Escalation Vulnerability

CVE-2025-1253 – RTI Connext Professional Classic Buffer Overflow

CVE-2025-44044 – Keyoti SearchUnit XXE File Exfiltration

CVE-2025-5569 – IdeaCMS SQL Injection Vulnerability

Streamline Pipeline Cleanup with Laravel’s finally Method

Nước đá Phát Anh Tiến

CVE-2025-5692 – WordPress Lead Form Data Collection to CRM Plugin Privilege Escalation Vulnerability

CVE-2024-13613 – Wise Chat WordPress Sensitive Information Exposure

Related Posts