Excellent
Lorraine Reguly is the owner of WORDING WELL. She is an English teacher and editor who also provides author assistant services.
Excellent
Today, storytelling takes on the form of interactive media and many different types of online story telling platforms have appeared in global market. Online storytelling platforms have been there since late 1990 but recently rising. This is why the world still sees it as a nascent market despite of its long history. Thanks to the new rise of online storytelling platforms, we are not just exploring stories from history or science professionals โ we are also discovering each otherโs tales. Now everyone can become a digital storyteller. Joara is a serial web novel platform in which anyone can be a writer, reader and backer of creative stories. We aim to help aspiring writers- basically anyone who would like to express their creative minds in serial text- have space to share their stories, build their own fandom and get an opportunity to make instant income as much as their stories are loved, which fundamentally cannot be helped by the current offline publishers. In order to expand our business areas, we established our new subsidiary in Silicon Valley(SV), California, and timing to advance to U.S.market and at first starting a Beta service in India, and our ultimate goal is to establish its global brand worldwide through these two markets at the first stage. We're seeking for potential local partners whom we could have opportunities to work with. MSG me ([email protected]) if you have any interest in our business or company.
Security & Compliance Standards Overview
No incidents recorded for Wording Well in 2025.
No incidents recorded for JOARA in 2025.
Wording Well cyber incidents detection timeline including parent company and subsidiaries
JOARA cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the tokenโs signature, expiration, issuer, or audience. If an attacker learns the victimโs actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victimโs password. This issue has been patched in version 4.0.1.
Apollo Studio Embeddable Explorer & Embeddable Sandbox are website embeddable software solutions from Apollo GraphQL. Prior to Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3, a cross-site request forgery (CSRF) vulnerability was identified. The vulnerability arises from missing origin validation in the client-side code that handles window.postMessage events. A malicious website can send forged messages to the embedding page, causing the victimโs browser to execute arbitrary GraphQL queries or mutations against their GraphQL server while authenticated with the victimโs cookies. This issue has been patched in Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3.
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /consulta-dispensas. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument aluno_id causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. It is advisable to upgrade the affected component. The vendor responds: "We have confirmed that the issue mentioned in the report does not exist in the latest releases".
