Sep 28, 2021 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
- Cozmoslabs Translatepress: public exploit or PoC linked (XSS)
- 8 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
- Public exploit or PoC available
- Exploit activity linked
- Internet-facing CMS deployments affected
WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.
Active exploit activity
- Public exploit or PoC available
- Exploit activity linked
- Internet-facing CMS deployments affected
WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.
Critical exposure
New critical Thinkphp SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
The TranslatePress WordPress plugin before 2.0.9 does not implement a proper sanitisation on the translated strings.
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it...
The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an a...
The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it...
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the "where" and "quer...
Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.
Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.
Nagios XI before 5.8.5 incorrectly allows backup_xi.sh wildcards.
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Nagios XI before 5.8.5 incorrectly allows manage_services.sh wildcards.
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5.
A SQL injection vulnerability exists in Sureline SUREedge Migrator 7.0.7.29360.
View critical disclosures
cvelogic
Threat Intelligence