Topic: unauthenticated exploitation

  • Critical 'React2Shell' Vulnerability Exposes React.js

    A critical vulnerability (CVE-2025-55182) in React.js and Next.js, dubbed React2Shell, allows unauthenticated remote code execution with a severity score of 10.0, posing a severe risk to servers. The flaw, exploitable via a simple HTTP request, impacts React Server Function endpoints and default ...

  • Critical Vulnerability Found in W3 Total Cache WordPress Plugin

    A critical security flaw (CVE-2025-9501) in the W3 Total Cache WordPress plugin allows unauthenticated attackers to execute arbitrary PHP commands via specially crafted comments, affecting all versions before 2.8.13. The vulnerability, located in the `_parse_dynamic_mfunc()` function, was fixed i...
