security

CVE-2025-11380 – Everest Backup – Unauthenticated Backup access

Vulnerability Details Product: Everest Backup plugin for WordPressAffected: v2.3.5 and olderPatched: v2.3.6Vendor: Everest ThemesCVE: CVE-2025-11380 Introduction Recently I started learning more about auditing WordPress plugins for security vulnerabilities. WordPress plugins are a specific, niche area of security research but WordPress’ popularity means there are plenty of plugins to target. Multiple Read more

By cpearson, ago

Google Docs clipboard leak

Vendor: GoogleProduct: Docs Android appVersion: 1.20.302.01.40Platform: AndroidReported: 7/11/2020Fixed: 8/26/2020CVE: N/A This write-up covers a low-severity vulnerability found in Google Docs Android app. Hope it is of interest! Quick primer on Android app security. An Android app can use a framework, content providers, to make data available to other internal components Read more

By cpearson, ago