Internet Storm Center Spotlight



ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Python InfoStealer with Embedded Phishing Webserver

Published: 2025-05-06

Last Updated: 2025-05-06 06:02:58 UTC

by Xavier Mertens (Version: 1)

Infostealers have been everywhere for a while now. Even if this kind of malware is not aggressive, its impact on the victim can be much more severe. Attackers always need more and more data to be sold or reused in deeper scenarios. A lot of infostealers are similar and have the following capabilities:

* Anti-debugging and anti-VM capabilities

* Persistence

* Data scanner (credentials, cookies, wallets, "interesting" keyword in files, ...)

* Exfiltration

I found another malicious Python script that implements all these capabilities. Persistence is implemented via a Registry key and a scheduled task (always have a backup solution ;-) ), a keylogger is started, the clipboard content is captured, and a screenshot is taken every minute. All data is exfiltrated to a Telegram channel, encrypted with the Fernet() module ...

Read the full entry: 

https://isc.sans.edu/diary/Python+InfoStealer+with+Embedded+Phishing+Webserver/31924/

"Mirai" Now Exploits Samsung MagicINFO CMS (CVE-2024-7399)

Published: 2025-05-05

Last Updated: 2025-05-06 02:10:41 UTC

by Johannes Ullrich (Version: 1)

Last August, Samsung patched an arbitrary file upload vulnerability that could lead to remote code execution. The announcement was very sparse and did not even include affected systems:

SVP-AUG-2024

SVE-2024-50018(CVE-2024-7399)

Weakness : Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server allows attackers to write arbitrary file as system authority.

Patch information : The patch modifies verification logic of the input.

At around the same time, a CVE was assigned to the vulnerability: CVE-2024-7399. The NVD entry has a few more details. In particular, it identifies a legacy CMS distributed by Samsung, MagicINFO 9, as the vulnerable software:

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

Read the full entry: 

https://isc.sans.edu/diary/Mirai+Now+Exploits+Samsung+MagicINFO+CMS+CVE20247399/31920/

Internet Storm Center Entries


Example of "Modular" Malware (2025.05.07)

https://isc.sans.edu/diary/Example+of+Modular+Malware/31928/

Steganography Challenge (2025.05.03)

https://isc.sans.edu/diary/Steganography+Challenge/31910/

Steganography Analysis With pngdump.py: Bitstreams (2025.05.01)

https://isc.sans.edu/diary/Steganography+Analysis+With+pngdumppy+Bitstreams/31904/

Recent CVEs


The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability

Product: SonicWall SSLVPN SMA100

CVSS Score: 0

** KEV since 2021-11-03 **

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2021-20016

ISC Podcast:

https://isc.sans.edu/podcastdetail/9432

CVE-2023-44221 - SMA100 SSL-VPN management interface is vulnerable to OS Command Injection by remote authenticated attackers with administrative privilege.

Product: SonicWall SMA 500V Firmware 

CVSS Score: 0

** KEV since 2025-05-01 **

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2023-44221

CVE-2024-7399 - Samsung MagicINFO 9 Server versions before 21.1050 are vulnerable to allowing attackers to write arbitrary files in restricted directories as system authority.

Product: Samsung MagicINFO 9 Server

CVSS Score: 0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2024-7399

ISC Diary:

https://isc.sans.edu/diary/31920

ISC Podcast:

https://isc.sans.edu/podcastdetail/9438

CVE-2025-24252 - macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4, iPadOS 18.4, and visionOS 2.4 prior to the update suffered from a use-after-free vulnerability that could allow a local network attacker to corrupt process memory.

Product: Multiple Apple products

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-24252

NVD References:

- https://support.apple.com/en-us/122371
- https://support.apple.com/en-us/122372
- https://support.apple.com/en-us/122373
- https://support.apple.com/en-us/122374
- https://support.apple.com/en-us/122375
- https://support.apple.com/en-us/122377
- https://support.apple.com/en-us/122378

CVE-2025-4083 - Firefox and Thunderbird versions below 138 and 128.10, respectively, are susceptible to a process isolation vulnerability when handling javascript: URIs, leading to possible sandbox escape.

Product: Mozilla Firefox and Thunderbird

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-4083

NVD References:

- https://bugzilla.mozilla.org/show_bug.cgi?id=1958350
- https://www.mozilla.org/security/advisories/mfsa2025-28/
- https://www.mozilla.org/security/advisories/mfsa2025-29/
- https://www.mozilla.org/security/advisories/mfsa2025-30/
- https://www.mozilla.org/security/advisories/mfsa2025-31/
- https://www.mozilla.org/security/advisories/mfsa2025-32/

CVE-2025-25403 - Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/coll_type.php.

Product: Slims (Senayan Library Management Systems)

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-25403

CVE-2025-25962 - Coresmartcontracts Uniswap v.3.0 vulnerability allows remote attackers to escalate privileges via the _modifyPosition function.

Product: Coresmartcontracts Uniswap

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-25962

NVD References:

- https://github.com/CVEProject/docs/blob/gh-pages/requester/reservation-guidelines.md
- https://medium.com/@cnetsec/access-control-vulnerability-in-uniswap-v3-cve-2025-25962-f7cf21536978

CVE-2025-46348 - YesWiki allows for unauthorized site backups to be created and downloaded, potentially leading to file system overload or exposure of sensitive information.

Product: YesWiki

CVSS Score: 10.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-46348

NVD References:

- https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530
- https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95

CVE-2025-32444 - vLLM is vulnerable to remote code execution due to insecure ZeroMQ sockets when integrated with mooncake versions prior to 0.8.5.

Product: vLLM

CVSS Score: 10.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-32444

NVD References:

- https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5
- https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7

CVE-2025-45017, CVE-2025-45018, & CVE-2025-45019 - PHPGurukul Park Ticketing Management System v2.0 SQL injection vulnerabilities

Product: PHPGurukul Park Ticketing Management System v2.0

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45017

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45018

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45019

NVD References:

- https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Park-Ticketing-Management-System-Project/SQL/SQL_injection_in_edit_ticket.md
- https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Park-Ticketing-Management-System-Project/SQL/SQl_Injection_in_was_foreigner-bwdates-reports-details.md
- https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/Park-Ticketing-Management-System-Project/SQL/SQL_injection_add_foreigners_ticket.md

CVE-2025-32973 - XWiki allows attackers to gain programming rights on the wiki by exploiting a lack of warning when editing documents containing XWiki.ComponentClass objects, patched in versions 15.10.12, 16.4.3, and 16.8.0-rc-1.

Product: XWiki Platform

CVSS Score: 9.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-32973

NVD References:

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x7wv-5qg4-vmr6
- https://jira.xwiki.org/browse/XWIKI-22460

CVE-2025-32974 - XWiki is vulnerable to an issue in versions 15.9-rc-1 to before 15.10.8 and 16.0.0-rc-1 to before 16.2.0, allowing users to insert malicious scripts that could impact the system's security.

Product: XWiki Platform

CVSS Score: 9.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-32974

NVD References:

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mvgm-3rw2-7j4r
- https://jira.xwiki.org/browse/XWIKI-22002

CVE-2025-46558 - XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown, making versions 8.2 to before 8.9 vulnerable to XSS attacks through embedded Javascript code, compromising the security of the entire XWiki installation.

Product: XWiki Contrib Syntax Markdown

CVSS Score: 9.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-46558

NVD References:

- https://github.com/xwiki-contrib/syntax-markdown/security/advisories/GHSA-8g2j-rhfh-hq3r
- https://jira.xwiki.org/browse/MARKDOWN-80

CVE-2025-30390 - Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.

Product: Azure

CVSS Score: 9.9

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-30390

NVD References:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30390

CVE-2025-30392 - Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.

Product: Azure Bot Framework SDK

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-30392

NVD References:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30392

CVE-2025-44192 - SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.

Product: SourceCodester Simple Barangay Management System v1.0

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44192

CVE-2025-47154 - Ladybird's LibJS vulnerability before f5a6704 could allow remote attackers to execute arbitrary code via a crafted .js file due to mishandling the freeing of vector arguments_list.

Product: Ladybird LibJS

CVSS Score: 9.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-47154

NVD References:

- https://jessie.cafe/posts/pwning-ladybirds-libjs/
- https://news.ycombinator.com/item?id=43852096

CVE-2025-46337 - ADOdb is vulnerable to SQL injection attacks prior to version 5.22.9 when connecting to a PostgreSQL database and using user-supplied data with pg_insert_id().

Product: ADOdb PHP database class library

CVSS Score: 10.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-46337

NVD References:

- https://github.com/ADOdb/ADOdb/issues/1070
- https://github.com/ADOdb/ADOdb/security/advisories/GHSA-8x27-jwjr-8545

CVE-2025-24522 - KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable to unauthenticated remote attackers gaining full access to the Node-RED server due to lack of default authentication configuration.

Product: KUNBUS Revolution Pi OS Bookworm

CVSS Score: 10.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-24522

NVD References:

- http://packages.revolutionpi.de/pool/main/p/pictory/
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01

CVE-2025-32011 - KUNBUS PiCtory versions 2.5.0 through 2.11.1 are vulnerable to authentication bypass via path traversal, allowing remote attackers to access the system without proper authentication.

Product: KUNBUS PiCtory

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-32011

NVD References:

- http://packages.revolutionpi.de/pool/main/p/pictory/
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01

CVE-2025-35996 - KUNBUS PiCtory version 2.11.1 and earlier allows an authenticated remote attacker to conduct a cross-site scripting attack via a specially crafted filename passed through API endpoints.

Product: KUNBUS PiCtory

CVSS Score: 9.0

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-35996

NVD References:

- http://packages.revolutionpi.de/pool/main/p/pictory/
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01

CVE-2024-48905 - Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.

Product: Sematell ReplyOne

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2024-48905

NVD References:

- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-082.txt

CVE-2025-3708 - Le-show medical practice management system from Le-yan is vulnerable to SQL Injection, which can be exploited by remote attackers to manipulate the database and access sensitive information.

Product: Le-yan Le-show medical practice management system

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-3708

NVD References:

- https://www.twcert.org.tw/en/cp-139-10086-dbfd0-2.html
- https://www.twcert.org.tw/tw/cp-132-10085-69e16-1.html

CVE-2025-3709 - Agentflow from Flowring Technology is susceptible to an Account Lockout Bypass vulnerability permitting remote attackers to conduct password brute force attacks without authentication.

Product: Flowring Technology Agentflow

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-3709

NVD References:

- https://www.twcert.org.tw/en/cp-139-10090-112f7-2.html
- https://www.twcert.org.tw/tw/cp-132-10091-12462-1.html

CVE-2025-2812 - Mydata Informatics Ticket Sales Automation before 03.04.2025 is vulnerable to Blind SQL Injection due to improper neutralization of special elements in SQL commands.

Product: Mydata Informatics Ticket Sales Automation

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-2812

NVD References:

https://www.usom.gov.tr/bildirim/tr-25-0099

CVE-2025-2605 - Honeywell MB-Secure is vulnerable to privilege abuse due to improper neutralization of special elements used in an OS command, affecting versions from V11.04 to V12.53 and MB-Secure PRO from V01.06 to V03.09.

Product: Honeywell MB-Secure

CVSS Score: 9.9

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-2605

NVD References:

https://www.honeywell.com/us/en/product-security#security-notices

CVE-2025-44868 - Wavlink WL-WN530H4 20220801 is susceptible to command injection through the ping_test function in the adm.cgi, enabling attackers to run malicious commands.

Product: Wavlink WL-WN530H4

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44868

NVD References:

https://github.com/Summermu/VulnForIoT/tree/main/Wavlink_WL-WN530H4/ping_test/readme.md

CVE-2025-44872 & CVE-2025-44877 - Tenda AC9 V15.03.06.42_multi command injection vulnerabilities

Product: Tenda AC9

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44872

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44877

NVD References:

- https://github.com/Summermu/VulnForIoT/tree/main/Tenda_AC/AC9_formsetUsbUnload
- https://github.com/Summermu/VulnForIoT/tree/main/Tenda_AC/AC9_formSetSambaConf

CVE-2025-45042 - Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.

Product: Tenda AC9

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45042

NVD References:

https://github.com/Ghostsuzhijian/Iot-/blob/main/ac9_telnetd/rx3_telnetd.md

CVE-2025-2905 - WSO2 API Manager has an XML External Entity (XXE) vulnerability in its gateway component, allowing unauthenticated remote attackers to read files from the server's filesystem or launch denial-of-service attacks.

Product: WSO2 API Manager

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-2905

NVD References:

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/

CVE-2025-27920 - Output Messenger before 2.0.63 was vulnerable to a directory traversal attack allowing attackers to access sensitive files outside the intended directory.

Product: Output Messenger

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-27920

NVD References:

- https://www.outputmessenger.com/cve-2025-27920/
- https://www.srimax.com/products-2/output-messenger/

CVE-2025-45322 - kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.

Product: kashipara Online Service Management Portal V1.0

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45322

NVD References:

https://github.com/0xBhushan/Writeups/blob/main/CVE/Kashipara/Online%20Service%20Management%20Portal/SQL%20Injection-CheckStatus.pdf

CVE-2025-24977 - OpenCTI allows any user with `manage customizations` capability to execute commands on the underlying infrastructure and access internal server side secrets via web-hooks, leading to potential root shell access and further attacks, fixed in version 6.4.11.

Product: OpenCTI platform

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-24977

NVD References:

https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-mf88-g2wq-p7qm

CVE-2025-45238 - foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method.

Product: foxcms v1.2.5

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45238

NVD References:

- https://gist.github.com/chao112122/27010786774f2bb584cc715fb027b95c
- https://gitee.com/qianfox/foxcms

CVE-2025-4052 - Google Chrome DevTools prior to version 136.0.7103.59 had a low severity vulnerability that could allow a remote attacker to bypass access controls by tricking a user with specific UI gestures.

Product: Google Chrome

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-4052

NVD References:

- https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html
- https://issues.chromium.org/issues/401927528

CVE-2025-45607 - An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.

Product: itranswarp v2.19

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45607

NVD References:

https://github.com/michaelliao/itranswarp/issues/73

CVE-2025-45611 - Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request.

Product: hope-boot v1.0.0

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45611

NVD References:

https://github.com/java-aodeng/hope-boot/issues/86

CVE-2025-45612 - Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index.

Product: xmall v1.1

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45612

NVD References:

https://github.com/Exrick/xmall/issues/96

CVE-2025-45615 - Yaoqishan v0.0.1-SNAPSHOT is vulnerable to attackers gaining Admin rights through crafted requests due to incorrect access control in the /admin/ API.

Product: yaoqishan v0.0.1-SNAPSHOT

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45615

NVD References:

https://github.com/user-xiangpeng/yaoqishan/issues/29

CVE-2025-45616 - brcc v1.2.0's /admin/** API has incorrect access control, enabling attackers to gain Admin rights through a crafted request.

Product: brcc v1.2.0

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-45616

NVD References:

https://github.com/baidu/brcc/issues/194

CVE-2025-44071 - SeaCMS v13.3 is vulnerable to remote code execution through phomebak.php, enabling attackers to run arbitrary code with a crafted request.

Product: SeaCMS v13.3

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44071

NVD References:

https://github.com/202110420106/CVE/blob/master/seacms/seacms_rce.md

CVE-2025-44072 & CVE-2025-44074 - SeaCMS v13.3 was discovered to contain SQL injection vulnerabilities.

Product: SeaCMS v13.3

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44072

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-44074

NVD References:

- https://github.com/202110420106/CVE/blob/master/seacms/seacms_manage_sql.md
- https://github.com/202110420106/CVE/blob/master/seacms/seacms_topic_sql.md

CVE-2025-25014 - Kibana is vulnerable to prototype pollution, allowing arbitrary code execution through crafted HTTP requests to machine learning and reporting endpoints.

Product: Kibana

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-25014

NVD References:

https://discuss.elastic.co/t/kibana-8-17-6-8-18-1-or-9-0-1-security-update-esa-2025-07/377868

CVE-2024-12225 - Quarkus is vulnerable to unauthorized access due to default REST endpoints remaining accessible when developers provide custom REST endpoints.

Product: Quarkus quarkus-security-webauthn

CVSS Score: 9.1

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2024-12225

NVD References:

- https://access.redhat.com/security/cve/CVE-2024-12225
- https://bugzilla.redhat.com/show_bug.cgi?id=2330484

CVE-2025-27007 - Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation. This issue affects SureTriggers: from n/a through 1.0.82.

Product: Brainstorm Force SureTriggers

Active Installations: 100,000+

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-27007

NVD References:

- https://patchstack.com/articles/additional-critical-ottokit-formerly-suretriggers-vulnerability-patched?_s_id=cve
- https://patchstack.com/database/wordpress/plugin/suretriggers/vulnerability/wordpress-suretriggers-1-0-82-privilege-escalation-vulnerability?_s_id=cve

CVE-2025-3746 - The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation and account takeover in versions 2.0.14 to 2.0.59, allowing unauthenticated attackers to change email addresses and reset passwords.

Product: WordPress OTP-less one tap Sign in plugin

Active Installations: This plugin has been closed as of April 30, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-3746

NVD References:

- https://plugins.trac.wordpress.org/browser/otpless/tags/2.0.59./includes/class-login.php
- https://www.wordfence.com/threat-intel/vulnerabilities/id/63fab608-1a75-4b07-8d82-8ab87e197547?source=cve

CVE-2025-3918 - The Job Listings plugin for WordPress is vulnerable to Privilege Escalation through unauthenticated attackers elevating their privileges by manipulating user roles.

Product: WordPress Job Listings plugin

Active Installations: This plugin has been closed as of May 1, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-3918

NVD References:

- https://plugins.trac.wordpress.org/browser/job-listings/trunk/includes/forms/class-jlt-form-member.php#L68
- https://wordpress.org/plugins/job-listings/#developers
- https://www.wordfence.com/threat-intel/vulnerabilities/id/c9cd43f5-c3d0-4eb2-9c18-1af2edca37ff?source=cve

CVE-2025-1909 - The BuddyBoss Platform Pro plugin for WordPress up to version 2.7.01 is vulnerable to authentication bypass through Apple OAuth, allowing unauthenticated attackers to impersonate any user with access to the email.

Product: BuddyBoss Platform Pro plugin for WordPress

Active Installations: Unknown. Update to version 2.7.10, or a newer patched version

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-1909

NVD References:

- https://www.buddyboss.com/resources/buddyboss-platform-pro-releases/
- https://www.buddyboss.com/resources/buddyboss-platform-pro-releases/2-7-10/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/7cce9b8b-0589-4b09-b184-a66fc86fcb46?source=cve

CVE-2025-0855 - The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 5.8.0, allowing unauthenticated attackers to inject a PHP Object and potentially execute harmful actions.

Product: WordPress PGS Core plugin

Active Installations: Unknown. Update to version 5.9.0, or a newer patched version

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-0855

NVD References:

- https://docs.potenzaglobalsolutions.com/docs/ciyashop-wp/changelog/
- https://www.wordfence.com/threat-intel/vulnerabilities/id/5dfc2249-3761-49c6-966e-73c33be74c0e?source=cve

CVE-2025-3844 - The PeproDev Ultimate Profile Solutions plugin for WordPress allows unauthenticated attackers to log in as other users, including administrators, due to an Authentication Bypass vulnerability in versions 1.9.1 to 7.5.2.

Product: PeproDev Ultimate Profile Solutions plugin for WordPress

Active Installations: This plugin has been closed as of May 5, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.8

NVD:

https://nvd.nist.gov/vuln/detail/CVE-2025-3844

NVD References:

- https://plugins.trac.wordpress.org/browser/peprodev-ups/tags/7.5.2/login/login.php#L1483
- https://plugins.trac.wordpress.org/browser/peprodev-ups/tags/7.5.2/login/login.php#L2836
- https://www.wordfence.com/threat-intel/vulnerabilities/id/65be9417-7029-4f34-b834-98208a42743b?source=cve