ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
ModelScan - Protection Against Model Serialization Attacks
Published: 2025-02-17
Last Updated: 2025-02-18 00:37:10 UTC
by Russ McRee (Version: 1)
Protect AI’s OSS portfolio includes tools aimed at improving the security of AI/ML software. These tools are meant for a wide range of engineering, security and ML practitioners, including developers, security engineers and researchers, ML engineers, LLM engineers, prompt engineers, and data scientists.
Of particular interest in light of model serialization attacks is ModelScan.
Headlines as recent as 6 FEB 2025 remind us that the popular Python Pickle serialization format, common for distributing AI models, offers attackers opportunities to inject malicious code that is executed when the model is loaded with PyTorch. See Malicious ML models discovered on Hugging Face platform. After training, a model’s mathematical representation can be stored in a variety of data serialization formats so that it can be shared and reused without additional training. Pickle is a popular Python module used for serializing and deserializing ML model data. While easy to use, Pickle is considered an unsafe data format, because it allows arbitrary Python code to be executed during ML model deserialization.
As you can imagine, even as protective measures are being implemented, safety scanning is still recommended. ModelScan offers such capabilities with ease and convenience. ModelScan is incredibly well documented and includes notebooks to aid experimentation and adoption.
I’ll share my quick setup steps; modify them to your liking and preferences. These assume you’re building from scratch, including Jupyter ...
Read the full entry: https://isc.sans.edu/diary/ModelScan+Protection+Against+Model+Serialization+Attacks/31692/
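As an added illustration of the kind of check ModelScan performs on a Pickle file (example code written for this summary, not ModelScan's or Protect AI's own code), the block below statically lists the globals a pickle would import without executing it, flags any outside an allowlist, and pairs that with a restricted loader that enforces the same allowlist at load time. The one-entry allowlist and the sample pickles are constructed for the demo.

```python
import io
import pickle
import pickletools
from collections import OrderedDict, deque

# Globals a model file may import. A real policy would list the framework's
# own rebuild helpers; this one-entry allowlist is an assumption for the demo.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}

STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
# Opcodes that invoke a callable while the pickle is being loaded.
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


def imported_names(data):
    """Statically list the (module, name) pairs a pickle imports when loaded.

    GLOBAL (protocol <= 3) carries "module name" inline. STACK_GLOBAL
    (protocol 4+) consumes the two strings below it on the stack, and those
    may arrive through the memo, so we replay just enough of the pickle VM
    to follow string pushes, MEMOIZE/PUT and GET. Nothing is executed.
    """
    names, pushed, memo = [], [], {}
    last = None       # most recent pushed value, if it was a string
    memo_idx = 0      # MEMOIZE assigns implicit, increasing memo keys
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            pushed.append(arg)
            last = arg
        elif op.name == "MEMOIZE":
            memo[memo_idx] = last
            memo_idx += 1
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            last = memo.get(arg)
            pushed.append(last)
        else:
            if op.name == "GLOBAL":
                module, name = arg.split(" ", 1)
                names.append((module, name))
            elif op.name == "STACK_GLOBAL":
                module, name = pushed[-2:] if len(pushed) >= 2 else (None, None)
                names.append((module or "<unresolved>", name or "<unresolved>"))
            last = None
    return names


def scan(data):
    """ModelScan-style verdict for one pickle blob: imports outside the
    allowlist make it unsafe; the call count shows how much code would run."""
    imports = imported_names(data)
    disallowed = [ref for ref in imports if ref not in ALLOWED_GLOBALS]
    calls = sum(1 for op, _a, _p in pickletools.genops(data) if op.name in CALL_OPS)
    return {"imports": imports, "disallowed": disallowed,
            "calls": calls, "safe": not disallowed}


class RestrictedUnpickler(pickle.Unpickler):
    """Runtime guard: the loader enforces the same allowlist the scanner uses."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def try_load(data):
    """Load through the restricted unpickler; return the error text if refused."""
    try:
        return RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError as exc:
        return str(exc)


# Constructed sample blobs standing in for model files (not real checkpoints).
PLAIN = pickle.dumps({"w": [0.1, 0.2], "layers": 2}, protocol=4)   # no imports
ALLOWED = pickle.dumps(OrderedDict(w=1), protocol=4)               # STACK_GLOBAL
LEGACY = pickle.dumps(OrderedDict(w=1), protocol=2)                # GLOBAL
UNAPPROVED = pickle.dumps(deque([1, 2]), protocol=4)               # not on allowlist

if __name__ == "__main__":
    for label, blob in [("plain", PLAIN), ("allowed", ALLOWED),
                        ("legacy", LEGACY), ("unapproved", UNAPPROVED)]:
        print(f"{label:10s} {scan(blob)}")
        print(f"{'':10s} load -> {try_load(blob)!r}")
```

A static scan can only say what a pickle would import, not prove it harmless, so the allowlisted loader is the control that actually holds at load time.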
XWorm Cocktail: A Mix of PE data with PowerShell Code
Published: 2025-02-19
Last Updated: 2025-02-19 07:39:49 UTC
by Xavier Mertens (Version: 1)
While hunting, I spent some time trying to deobfuscate a malicious file discovered on VT. It triggered my PowerShell rule. At the end, I found two files that look close together ...
They are identified as “data files,” and their upload names are, respectively, “XClient<.>exe” and “XingCode Unblocker 2025<.>exe”. XignCode is anti-cheat software primarily used in online games to prevent cheating, hacking, and the use of unauthorized third-party tools. Note the typo in the file name!
When you open the file, you see this:
Read the full entry: https://isc.sans.edu/diary/XWorm+Cocktail+A+Mix+of+PE+data+with+PowerShell+Code/31700/
The Danger of IP Volatility (2025.02.15)
https://isc.sans.edu/diary/The+Danger+of+IP+Volatility/31688/
Fake BSOD Delivered by Malicious Python Script (2025.02.14)
https://isc.sans.edu/diary/Fake+BSOD+Delivered+by+Malicious+Python+Script/31686/
DShield SIEM Docker Updates (2025.02.13)
https://isc.sans.edu/diary/DShield+SIEM+Docker+Updates/31680/
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
Product: Microsoft Windows 10 1507
CVSS Score: 7.1
** KEV since 2025-02-11 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-21391
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21391
Product: Microsoft Windows 10 1607
CVSS Score: 7.8
** KEV since 2025-02-11 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-21418
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21418
Product: Apple iPadOS
CVSS Score: 6.1
** KEV since 2025-02-12 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24200
NVD References:
- https://support.apple.com/en-us/122173
- https://support.apple.com/en-us/122174
Product: Wazuh
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24016
NVD References: https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh
Product: Quanxun School Affairs System
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1144
NVD References:
Product: Wattsense Bridge
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26410
NVD References:
- https://r.sec-consult.com/wattsense
- https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes
Product: PandasAI
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12366
NVD References:
- https://docs.getpanda.ai/v3/privacy-security
Product: Ivanti CSA
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-47908
NVD References:
Product: Misskey Concorde
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24973
NVD References:
- https://github.com/nexryai/concorde/commit/1f6ac9b289906083b132e4f9667a31a60ef83e4e
- https://github.com/nexryai/concorde/security/advisories/GHSA-2369-p2wh-7cc2
Product: Lexmark Print Management Client
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1126
NVD References: https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html
Product: Microsoft High Performance Compute (HPC) Pack
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-21198
NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21198
Product: Adobe Commerce
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24434
NVD References: https://helpx.adobe.com/security/products/magento/apsb25-08.html
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1100
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-1100
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26339
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26339
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26341
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26341
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26342
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26342
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26344
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26344
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26345
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26345
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26347
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26347
Product: Q-Free MaxTime
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26359
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26359
Product: Q-Free MaxTime
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26361
NVD References: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-26361
Product: PHPGurukul Daily Expense Tracker System
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25349
Product: PHPGurukul Land Record System
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25388
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25389
NVD References: https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Land%20record/SQL%20Injection%20p%20editid.pdf
Product: Stroom
CVSS Score: 9.4
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25182
NVD References:
- https://github.com/gchq/stroom/pull/4320
- https://github.com/gchq/stroom/security/advisories/GHSA-x489-xx2m-vc43
Product: CrowdStrike Falcon Sensor
CVSS Score: 8.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1146
ISC Podcast: https://isc.sans.edu/podcastdetail/9324
NVD References: https://www.crowdstrike.com/security-advisories/cve-2025-1146/
Product: PHP PDO
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-31631
NVD References:
- https://bugs.php.net/bug.php?id=81740
Product: MaysWind ezBookkeeping
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57604
NVD References:
Product: GitLab CE/EE
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7102
NVD References:
Product: Crayfish Homarus FFmpeg library
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25286
NVD References:
- https://github.com/Islandora/Crayfish/commit/64cb4cec688928798cc40e6f0a0e863d7f69fd89
- https://github.com/Islandora/Crayfish/security/advisories/GHSA-mm6v-68qp-f9fw
Product: Orthanc Server
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0896
NVD References: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-037-02
Product: PostgreSQL
CVSS Score: 8.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1094
ISC Podcast: https://isc.sans.edu/podcastdetail/9326
NVD References:
- https://www.postgresql.org/support/security/CVE-2025-1094/
- http://www.openwall.com/lists/oss-security/2025/02/16/3
- https://lists.debian.org/debian-lts-announce/2025/02/msg00015.html
Product: Anapi Group h6web
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1270
NVD References: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-anapi-group-h6web
CVE-2025-1127 - The vulnerability in the product allows attackers to execute arbitrary code and modify filesystem data.
Product: Lexmark
CVSS Score: 9.1 AtRiskScore 30
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1127
NVD References: https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html
CVE-2023-34399 - Mercedes-Benz head-unit NTG6 is vulnerable to integer overflow due to a boost library vulnerability in the profile settings import/export function over USB.
Product: Mercedes-Benz head-unit NTG6
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34399
NVD References: https://securelist.com/mercedes-benz-head-unit-security-research/115218/
CVE-2025-1283 - The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements.
Product: Dingtian DT-R0 Series
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1283
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-18
- https://www.dingtian-tech.com/en_us/aboutus.html?tab=contact_us
CVE-2025-24865 - The mySCADA myPRO Manager administrative web interface allows unauthorized access, putting sensitive information at risk.
Product: mySCADA myPRO Manager
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24865
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16
- https://www.myscada.org/contacts/
- https://www.myscada.org/downloads/mySCADAPROManager/
CVE-2025-25067 - mySCADA myPRO Manager is vulnerable to OS command injection, allowing remote attackers to execute arbitrary commands.
Product: mySCADA myPRO Manager
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25067
NVD References:
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16
- https://www.myscada.org/contacts/
- https://www.myscada.org/downloads/mySCADAPROManager/
CVE-2024-13152 - Mobuy Online Machinery Monitoring Panel before 2.0 is vulnerable to authorization bypass through a user-controlled SQL primary key, allowing SQL injection.
Product: BSS Software Mobuy Online Machinery Monitoring Panel
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13152
NVD References: https://www.usom.gov.tr/bildirim/tr-25-0033
CVE-2025-0867 - MEAC applications are vulnerable to privilege escalation due to stored administrator credentials, allowing the EPC2 user to execute commands with administrative privileges.
Product: MEAC EPC2
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0867
NVD References:
- https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
- https://sick.com/psirt
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
- https://www.first.org/cvss/calculator/3.1
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.json
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0001.pdf
CVE-2025-1302 - jsonpath-plus before version 10.3.0 is vulnerable to Remote Code Execution (RCE) through unsafe default usage of eval='safe' mode, allowing attackers to execute arbitrary code on the system.
Product: npmjs jsonpath-plus
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1302
NVD References:
- https://gist.github.com/nickcopi/11ba3cb4fdee6f89e02e6afae8db6456
- https://github.com/JSONPath-Plus/JSONPath/blob/8e4acf8aff5f446aa66323e12394ac5615c3b260/src/Safe-Script.js%23L127
- https://github.com/JSONPath-Plus/JSONPath/commit/30942896d27cb8a806b965a5ca9ef9f686be24ee
- https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-8719585
CVE-2024-57971 - Knowage Server in KNOWAGE before 8.1.30 allows attackers to bypass security measures by not enforcing proper JNDI naming conventions in DataSourceResource.java.
Product: Knowage Server
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57971
NVD References:
- https://github.com/KnowageLabs/Knowage-Server/commit/f7d0362f737e1b0db1cc9cc95b1236d62d83dd0c
- https://github.com/KnowageLabs/Knowage-Server/compare/v8.1.29...v8.1.30
- https://spagobi.readthedocs.io
CVE-2025-1387 - Orca HCM from LEARNING DIGITAL is vulnerable to unauthorized logins due to an Improper Authentication flaw.
Product: LEARNING DIGITAL Orca HCM
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1387
NVD References:
- https://www.twcert.org.tw/en/cp-139-8428-59a9a-2.html
- https://www.twcert.org.tw/tw/cp-132-8427-daea8-1.html
CVE-2025-22630 - MarketingFire Widget Options is vulnerable to OS Command Injection through improper neutralization of special elements used in a command.
Product: MarketingFire Widget Options
Active Installations: 100,000+
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22630
NVD References: https://patchstack.com/database/wordpress/plugin/widget-options/vulnerability/wordpress-widget-options-plugin-4-1-0-arbitrary-code-execution…
Product: WP Foodbakery WordPress
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13011
NVD References:
- https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331
CVE-2025-0180 - The WP Foodbakery plugin for WordPress allows unauthenticated attackers to register as an administrator due to privilege escalation vulnerability.
Product: WordPress WP Foodbakery plugin
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0180
NVD References:
- https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331
CVE-2025-0181 - The WP Foodbakery plugin for WordPress allows unauthenticated attackers to gain administrator access by not properly validating a user's identity.
Product: WP Foodbakery WordPress
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0181
NVD References:
- https://themeforest.net/item/food-bakery-restaurant-bakery-responsive-wordpress-theme/18970331
CVE-2022-3180 - The WPGateway Plugin for WordPress allows unauthenticated attackers to create malicious admin accounts by exploiting privilege escalation up to version 3.5.
Product: WordPress WPGateway Plugin
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-3180
NVD References:
CVE-2024-13421 - The Real Estate 7 WordPress theme for WordPress allows unauthenticated attackers to register new administrative user accounts due to privilege escalation vulnerability.
Product: Real Estate 7 WordPress
Active Installations: unknown. Updated to v3.5.2 on 1/31/2025
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13421
NVD References:
- https://contempothemes.com/changelog/
- https://themeforest.net/item/wp-pro-real-estate-7-responsive-real-estate-wordpress-theme/12473778
CVE-2024-12213 - The WP Job Board Pro plugin for WordPress allows unauthenticated attackers to register as an administrator due to privilege escalation vulnerability.
Product: WordPress WP Job Board Pro
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12213
NVD References:
- https://themeforest.net/item/superio-job-board-wordpress-theme/32180231
CVE-2024-13365 - The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to arbitrary file uploads via .zip archives, allowing unauthenticated attackers to potentially execute remote code.
Product: CleanTalk Security & Malware scan by CleanTalk plugin
Active Installations: 30,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13365
NVD References:
- https://plugins.trac.wordpress.org/changeset/3229205/security-malware-firewall#file527
CVE-2024-10960 - The Brizy – Page Builder plugin for WordPress allows authenticated attackers to upload arbitrary files and potentially execute remote code.
Product: Brizy Page Builder plugin for WordPress
Active Installations: 80,000+
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-10960
NVD References:
- https://plugins.trac.wordpress.org/changeset/3222672/brizy/tags/2.6.5/editor/zip/archiver.php
CVE-2024-10763 - The Campress theme for WordPress is vulnerable to Local File Inclusion through the 'campress_woocommerce_get_ajax_products' function, allowing unauthenticated attackers to execute arbitrary files and potentially gain sensitive data or take control of the server.
Product: WordPress Campress theme
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-10763
NVD References:
CVE-2024-13182 - The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass, allowing unauthenticated attackers to log in as any existing user on the site.
Product: WordPress WP Directorybox Manager
Active Installations: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13182
NVD References:
CVE-2024-13513 - The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to sensitive information exposure in versions up to 2.4.2.3, allowing unauthenticated attackers to extract and misuse sensitive data, resulting in potential site takeover.
Product: Oliver POS A WooCommerce Point of Sale (POS)
Active Installations: 1,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13513
NVD References:
CVE-2024-12562 - The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection, up to version 241216, allowing unauthenticated attackers to inject a PHP Object.
Product: s2Member Pro WordPress
Active Installations: 10,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12562
NVD References: