The Timetable and Event Schedule by MotoPress plugin for WordPress is vulnerable to SQL Injection via the 'events' attribute of the 'mp-timetable' shortcode in all versions up to, and including, 2.4.11 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

#GADGET

A portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like.

PC Magazine UK is your complete guide to computers, phones, tablets, peripherals and more. We test and review the latest gadgets, products and services, report technology news and trends, and provide shopping advice and price comparisons.

PCWorld helps you navigate the PC ecosystem to find the products you want and the advice you need to get the job done.