ZDNet

Critical CSRF vulnerability found on Glassdoor company review platform

Glassdoor, a website for job hunting and posting anonymous company reviews, has resolved a critical issue that could be exploited to take over accounts. Bug bounty researcher "Tabahi" (ta8ahi) found ...
Searchenginejournal.com

WP Statistics WordPress Plugin Patches CSRF Vulnerability

The United States Government National Vulnerability Database (NVD) published an advisory about a vulnerability discovered in the WP Statistics WordPress plugin that affects up to 600,000 active ...
Searchenginejournal.com

WordPress Redux Plugin Vulnerability Affects +1 Million Sites

Redux, a popular WordPress plugin with more than 1 million active installations recently patched a vulnerability. The vulnerability allowed an attacker to bypass security measures in a Cross-Site ...
Nextgov

‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk

Get the latest federal technology news delivered to your inbox. The Cybersecurity and Infrastructure Security Agency issued an emergency directive Thursday instructing agencies to take immediate ...
CSOonline

Cisco patches serious flaws in Expressway and ClamAV

Cisco has fixed three serious cross-site request forgery (CSRF) vulnerabilities in its Expressway Series collaboration gateway and a denial-of-service (DoS) flaw in the ClamAV anti-malware engine.
Threat Post

Cisco DNA Center Bug Opens Enterprises to Remote Attack

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks. A cross-site request forgery (CSRF) vulnerability in the Cisco Digital Network Architecture ...