[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"cve-CVE-2026-13704":3,"landing-trending":49,"landing-articles":133},{"id":4,"cve_id":5,"summary":6,"published":7,"cvss_data":8,"is_remote":18,"cwes":19,"cpes":21,"technologies":22,"references":23,"score":33,"epss_score":34,"epss_percentile":35,"is_kev":36,"cisa_kev_date_added":37,"cisa_kev_due_date":37,"cisa_ssvc":38,"exploits":48},362197,"CVE-2026-13704","The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sequoia[introduction][image]' parameter in all versions up to, and including, 4.16.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Give Worker-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.","2026-07-02T06:16:00Z",{"cvss_v3.1":9},{"scope":10,"version":11,"baseScore":12,"attackVector":13,"baseSeverity":14,"vectorString":15,"integrityImpact":16,"userInteraction":17,"attackComplexity":16,"availabilityImpact":17,"privilegesRequired":16,"confidentialityImpact":16},"CHANGED","3.1",6.4,"NETWORK","MEDIUM","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","LOW","NONE",true,[20],"CWE-79",[],[],[24,25,26,27,28,29,30,31,32],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.14.6\u002Fincludes\u002Fadmin\u002Fforms\u002Fclass-metabox-form-data.php#L1180","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.14.6\u002Fincludes\u002Fformatting.php#L758","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.14.6\u002Fsrc\u002FViews\u002FForm\u002FTemplates\u002FSequoia\u002FSequoia.php#L459","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.14.6\u002Fsrc\u002FViews\u002FForm\u002FTemplates\u002FSequoia\u002Fsections\u002Fintroduction.php#L33","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.16.0\u002Fincludes\u002Fadmin\u002Fforms\u002Fclass-metabox-form-data.php#L1180","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.16.0\u002Fincludes\u002Fformatting.php#L758","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.16.0\u002Fsrc\u002FViews\u002FForm\u002FTemplates\u002FSequoia\u002FSequoia.php#L459","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fgive\u002Ftags\u002F4.16.0\u002Fsrc\u002FViews\u002FForm\u002FTemplates\u002FSequoia\u002Fsections\u002Fintroduction.php#L33","https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fee18552b-2814-4598-9b7b-7c919d6d644e?source=cve",0.52,0.00235,0.14308,false,null,{"timestamp":39,"automatable":40,"tech_impact":41,"exploitation":42,"cisa_decision":43,"cisa_remediation_timeline":47},"2026-07-02T12:34:55.690582Z","no","partial","none",{"vector":44,"decision":45,"priority":46},"CISAv1\u002FE:N\u002FA:N\u002FT:P\u002FM:H\u002F2026-07-03T11:31:25.377481\u002F","track_star","medium","60D",[],{"count":50,"next":51,"previous":37,"results":52},100,"http:\u002F\u002Fweb:8606\u002Fapi\u002Ftrending_attacks\u002F?page=2&sorted_by=-published_at",[53,61,69,78,87,95,104,111,118,125],{"id":50,"title":54,"summary":55,"published_at":56,"severity":57,"vendor":58,"products":59},"Path Traversal in Fortinet FortiWeb","A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.","2026-07-02T07:59:54.439007Z",4,"Fortinet",[60],"FortiWeb",{"id":62,"title":63,"summary":64,"published_at":65,"severity":57,"vendor":66,"products":67},99,"ColdFusion Unrestricted Upload of File","ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.","2026-07-02T07:48:02.517213Z","Adobe",[68],"ColdFusion",{"id":70,"title":71,"summary":72,"published_at":73,"severity":57,"vendor":74,"products":75},98,"Remote Code Execution in PTC products","PTC Windchill PDMLink is a product data management (PDM) system used to manage engineering documents, CAD files, and product structures throughout the product development lifecycle, primarily in manufacturing and engineering industries.\r\nPTC FlexPLM is a product lifecycle management (PLM) solution tailored for the retail, footwear, and apparel industries, helping companies manage product development from concept and design through sourcing, costing, and commercialization.\r\n\r\nCVE-2026-12569 is a critical remote code execution (RCE) vulnerability affecting both PTC Windchill PDMLink and PTC FlexPLM, arising from improper input validation and unsafe deserialization of untrusted data. \r\nIt could allow an unauthorized user to execute code remotely,","2026-06-26T09:35:34.234419Z","PTC",[76,77],"Windchill PDMLink","FlexPLM",{"id":79,"title":80,"summary":81,"published_at":82,"severity":83,"vendor":84,"products":85},96,"Memory corruption leading to RCE in libssh2","libssh2 is an open-source C library that implements the SSH-2 protocol. It allows client applications to establish secure, encrypted connections to SSH servers — enabling operations like remote command execution, file transfer (via SFTP and SCP), and port forwarding \r\nIt is commonly embedded in tools and applications that need SSH connectivity as a built-in capability rather than a dependency on a system SSH client. Notable usage include curl and libgit2.\r\n\r\nCVE-2026-55200 allows a remote attacker to send a crafted packet that could corrupt the heap memory and perform an command execution","2026-06-24T08:21:28.364054Z",3,"",[86],"libssh2",{"id":88,"title":89,"summary":90,"published_at":91,"severity":57,"vendor":92,"products":93},97,"Multiples vulnerabilities on UniFi OS","UniFi OS is a unified operating system developed by Ubiquiti that runs on their line of network management hardware, such as the UniFi Dream Machine and Cloud Key devices.\r\n\r\n- CVE-2026-34908 allows a remote attacker to perform unauthorized changes to the system.\r\n- CVE-2026-34909 is a unauthenticated path traversal\r\n- CVE-2026-34910 is an unauthenticated Command Injection (RCE)","2026-06-24T08:09:05.296417Z","Ubiquiti",[94],"UniFI OS",{"id":96,"title":97,"summary":98,"published_at":99,"severity":100,"vendor":58,"products":101},95,"Fortinet\u002FFortiGate VPN Credential Leak (FortiBleed)","A leaked dataset \"FortiBleed\" exposed credentials (usernames, emails, and plaintext passwords) for ~73,900 firewall URLs. Researchers confirmed portions of the data are authentic. The data appears to have been extracted from exported Fortinet configurations. It is attributed to a Russian-speaking threat group that ran large-scale brute-force\u002Fcredential-harvesting campaigns against FortiGate and MSSQL targets, cracked intercepted SSL VPN auth hashes, and used recovered credentials for lateral movement. \r\n\r\nIf you suspect you're impacted: rotate all SSL VPN and admin credentials, enforce MFA on all VPN and admin access, and audit your logs for unexpected logins, config changes, and rogue admin accounts.\r\nYou can use tools cited in the article (hudsonrock.com\u002Ffortinet) to see if your domain appears in the leak.\r\nWe will check whether our assets are potentially impacted, but it remains important to keep Fortinet products up to date.","2026-06-19T08:31:07.471537Z",0,[102,103],"FortiGate","FortiOS SSL VPN",{"id":105,"title":106,"summary":107,"published_at":108,"severity":57,"vendor":84,"products":109},94,"Remote Code Execution in JCE extension for Joomla \u003C 2.9.99.5","A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.","2026-06-17T10:21:15.137473Z",[110],"Joomla Content Editor (JCE) extension for Joomla",{"id":112,"title":113,"summary":114,"published_at":115,"severity":57,"vendor":58,"products":116},93,"Path traversal vulnerability in Fortinet FortiSandbox","A path traversal: '..\u002Ffiledir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attacker to escalation of privilege via specially crafted HTTP requests.","2026-06-16T09:31:20.209747Z",[117],"FortiSandbox",{"id":119,"title":120,"summary":121,"published_at":122,"severity":57,"vendor":84,"products":123},92,"Authentication Bypass via Missing OIDC JWT Signature Verification in SimpleHelp","SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary identity claims to obtain a fully authenticated technician session. In some configurations, this may also allow bypass of multi-factor authentication. No user interaction is required.","2026-06-16T08:22:03.279323Z",[124],"SimpleHelp",{"id":126,"title":127,"summary":128,"published_at":129,"severity":83,"vendor":130,"products":131},91,"Unauthenticated Authentication Bypass on UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress","The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.26.4 via the UpdraftPlus_Remote_Communications_V2::wp_loaded function. This is due to insufficient validation of the remote communications message format, where signature verification can be bypassed and unchecked decryption return values collapse to a predictable all-zero encryption key. This makes it possible for unauthenticated attackers to forge arbitrary RPC commands and run them as the connected administrator, such as uploading and activating a malicious plugin, which ultimately leads to remote code execution.","2026-06-15T11:54:47.211787Z","davidanderson",[132],"UpdraftPlus",{"count":134,"next":135,"previous":37,"results":136},14,"http:\u002F\u002Fweb:8606\u002Fapi\u002Farticles\u002F?page=2&sorted_by=-published_at",[137,144,150,156,163,170,177,183,191,199],{"id":134,"title":138,"summary":139,"published_at":140,"type":141,"link":142,"image_url":143},"Cyber security frameworks: technical vs compliance, and what automation changes.","OWASP, NIS Regulations, FCA resilience, UK GDPR… two families of framework, two uses. How to choose by context, and how far automation can take you.","2026-06-30T00:00:00Z","security tips","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fcyber-security-frameworks-technical-vs-compliance-2026","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002Ffd2bcdb500-1782814993\u002Fcyber-security-framework-2026-og.png",{"id":145,"title":146,"summary":146,"published_at":147,"type":148,"link":149,"image_url":84},12,"OWASP Top 10 2025 : nouveautés, classement et données 2026","2026-06-29T00:00:00Z","astuces","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fowasp-top-10-2025-nouveautes-classement-et-donnees-2026",{"id":151,"title":152,"summary":153,"published_at":147,"type":141,"link":154,"image_url":155},13,"OWASP Top 10 2025: the ranking, the changes and the 2026 data","Two new categories, SSRF absorbed, security misconfiguration now at #2. The new OWASP ranking explained, with the 2026 supply-chain data that matters.","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fowasp-top-10-2025-what-s-changed-and-the-2026-data","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002Fa617128d05-1782741441\u002Fowasp-top-10-2025-open-graph-uk.png",{"id":157,"title":158,"summary":159,"published_at":160,"type":141,"link":161,"image_url":162},11,"Types of pentest: a complete guide to choosing the right penetration test","Web, API, DNS, OSINT, cloud, mobile, subdomain takeover: a complete guide to 18 types of penetration tests, what each approach covers, and how to choose based on your operational and regulatory context.","2026-06-23T00:00:00Z","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fpenetration-testing-types","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002Fb4d89de5a0-1781878397\u002Ftypes-of-penetration-testing.png",{"id":164,"title":165,"summary":166,"published_at":167,"type":141,"link":168,"image_url":169},10,"M&A: you","In mergers and acquisitions, the acquirer inherits the target","2026-06-22T00:00:00Z","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fmergers-acquisitions-attack-surface-cyber-risk","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002Fb983b7e9c2-1781878587\u002Fma-attack-surface-management.png",{"id":171,"title":172,"summary":173,"published_at":174,"type":141,"link":175,"image_url":176},8,"Compromised cloud vendor: how a third party becomes the entry point into your IT system","30% of data breaches go through a third-party vendor in 2025. When that vendor is in the cloud, the exposed perimeter goes far beyond what your team monitors. Mechanisms, real examples, and an operational response.","2026-06-18T00:00:00Z","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fcompromised-cloud-vendor-tprm-third-party-risk","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002F94bc4907ba-1781878622\u002Ftprm-risk-attack-surface-management.png",{"id":178,"title":179,"summary":180,"published_at":174,"type":141,"link":181,"image_url":182},9,"MTTR and MTTE: how to reduce MTTR in the window between alert and compromise","60 to 150 days to fix a critical vulnerability. A few days for an exploit to become available. In between, your organization is exposed. How to shrink that window, and why your displayed MTTR is probably wrong.","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fmttr-mtte-remediation-window-vulnerability","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002F2f9ed451c4-1781880948\u002Fmttr-mtte-3.png",{"id":184,"title":185,"summary":186,"published_at":187,"type":188,"link":189,"image_url":190},7,"BOD 26-04: Patch Less, but Better — and Bury the CVSS Score","Good news for security teams: CISA makes ","2026-06-12T00:00:00Z","retrospectives","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fbod-26-04-risk-based-vulnerability-prioritization","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002F6f92dd1001-1781278893\u002Fcisa-s-new-vulnerability-prioritization-model.png",{"id":192,"title":193,"summary":194,"published_at":195,"type":196,"link":197,"image_url":198},6,"The Job of a CISO Is Hell (And It","One title. A thousand responsibilities. Discover how the modern CISO became the most overloaded role in cybersecurity.","2026-06-09T00:00:00Z","retrospectives\u003C\u002F","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fciso-2026-responsibilities-challenges-and-the-reality-modern-cybersecurity-leadership","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002F8ba4a455cb-1780994889\u002Fciso.during.holidays.png",{"id":200,"title":201,"summary":202,"published_at":203,"type":141,"link":204,"image_url":205},5,"Vulnerability management: from scanning to risk reduction","Why CVSS is no longer enough. Learn how leading security teams prioritize vulnerabilities using EPSS, KEV and exposure management.","2026-06-08T00:00:00Z","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fhow-build-proactive-vulnerability-management","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002F7874f07c28-1780912418\u002Fadvanced.vulnerability.management.png"]