Blog

Unauthenticated SQL Injection in WP ERP Pro (CVE-2026-4834)

A look at CVE-2026-4834, an unauthenticated SQL injection in the WP ERP Pro WordPress plugin's recruitment REST API that lets attackers read arbitrary data from the database.

May 27, 2026

Achieving Unauthenticated Remote Code Execution in SmartJobBoard: A Technical Deep Dive

In this post i explore critical security flaws in SmartJobBoard software, including template injection, SQL injection, cross-site scripting, and remote code execution.

July 30, 2025

Get in touch

Looking for a developer to bring your idea to life, or someone to make sure your application is secure? I'd love to hear more about your project.

kuda savanhu

kudasav