[WordPress] - WP Safe - 2025.02.18

[VULN] - Xerox Versalink Printers Vulnerable to Pass-Back Attacks - CVE-2024-12510 & CVE-2024-12511

Researchers at Rapid7 have identified vulnerabilities in Xerox Versalink C7025 multifunction printers that could enable attackers to steal user credentials. Tracked as CVE-2024-12510 and CVE-2024-12511, these flaws facilitate a "pass-back attack," in which the printer is deceived into returning authentication data to the attacker.

[VULN] - OpenSSH Client & Server Vulnerabilities Allow MiTM and DoS Attacks - CVE-2025-26465 & CVE-2025-26466

The Qualys Threat Research Unit (TRU) has revealed two newly discovered vulnerabilities in OpenSSH, impacting both clients and servers. Designated as CVE-2025-26465 and CVE-2025-26466, these flaws could allow attackers to carry out machine-in-the-middle (MITM) attacks and denial-of-service (DoS) exploits.

[WordPress] - WP Safe - 2025.02.18

Daily Summary of WordPress critical and high vulnerabilities

[VULN] - SQL Injection Vulnerability in PostgreSQL Allows Remote System Attacks - CVE-2025-1094

Rapid7 researchers have identified a high-severity SQL injection vulnerability (CVE-2025-1094) in PostgreSQL’s interactive tool, psql. Discovered during an investigation into the exploitation of a separate BeyondTrust vulnerability, this flaw enables attackers to execute arbitrary code on impacted systems.

[WordPress] - WP Safe - 2025.02.17

Daily Summary of WordPress critical and high vulnerabilities