The Consensus Security Vulnerability Alert

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

[Guest Diary] Exploring a Use Case of Artificial Intelligence Assistance with Understanding an Attack

Published: 2025-05-28

Last Updated: 2025-05-28 13:48:55 UTC

by Jennifer Wilson, SANS.edu BACS Student (Version: 1)

[This is a Guest Diary by Jennifer Wilson, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program.]

As part of my BACS internship with SANS, I setup and maintained a DShield honeypot instance using a physical Raspberry Pi device.  As I was putting together each of my attack observations that were due, I started to wonder how helpful AI would be. One of the things I wanted to do when I started the internship was to step outside of my comfort zone. While I have read a lot about AI, I have only used it a handful of times. So, I wondered if it would lead me astray? Would it provide valid actionable data?

In this blog post, I will explore how accurate and helpful ChatGPT is with identifying one of the more unique attacks I say over the past few months.

To set the stage, I first noticed this attack after running the cowrieprocessor script on my honeypot. The attack occurred on 2025-04-20 and came from IP address ... . The total attack occurred over a duration of 62.83 seconds. According to AbuseIPDB, the IP has been reported 300 times, and it has been marked with a 100% confidence of abuse. This IP has been busy in the world. Along with this basic data, the following commands were captured being ran on the honeypot ...

Read the full entry: https://isc.sans.edu/diary/Guest+Diary+Exploring+a+Use+Case+of+Artificial+Intelligence+Assistance+with+Understanding+an+Attack/31980/

SVG Steganography

Published: 2025-05-26

Last Updated: 2025-05-26 16:31:33 UTC

by Johannes Ullrich (Version: 1)

Didier recently published several diaries related to steganography. I have to admit that steganography isn't exactly my favorite topic. It is one of those "neat" infosec toys, but its applicability is limited. Data exfiltration usually does not require proper steganography, but just appending data to an image will usually work just fine. 

On the other hand, it looks like the kids still like and enjoy diaries about steganography. For one of my recent podcasts, a viewer left a message asking about the use of SVG images for steganography, to avoid some of the loss issues with compressed image formats. Image formats break down into two basic types: Bitmap and vector image formats. Most images you see are bitmap or pixel-based. These formats tend to be easier to create and display. However, they have the disadvantage of not being able to scale up, and the image size can become quite large, which in turn requires compression. While there are some commonly used lossless compression formats, many image formats accept some loss in detail to enhance compression. Steganography takes advantage of similar colors being indistinguishable from each other. However, the same issue is used by compression algorithms. Neighboring pixels with similar colors are often approximated by changing them all to the same color, simplifying compression.

The images below use JPEG compression. The "uncompressed" version on the left is 130kBytes, while the compressed version is around 23kBytes. For a quick glance, the images are identical, but if you zoom in a bit, you will probably see the "blockiness" of the compressed image caused by adjusting the colors. This compression would wipe out any steganography message ...

Read the full entry: https://isc.sans.edu/diary/SVG+Steganography/31978/

Securing Your SSH authorized_keys File

Published: 2025-05-27

Last Updated: 2025-05-27 15:44:43 UTC

by Johannes Ullrich (Version: 1)

This is nothing "amazingly new", but more of a reminder to secure your "authorized_keys" file for SSH. One of the first things I see even simple bots do to obtain persistent access to a UNIX system is to add a key to the authorized_keys file of whatever account they are compromising. 

So here are a few things you can do to make your "authorized_keys" file more secure:

authorized_keys file location

The default location is .ssh/authorized_keys and .ssh/authorized_keys2. Make sure to specify a location (default is fine, but more later). One file is fine. the "authorized_keys2" file was used back in the day to retain backward compatibility with older SSH versions. Most importantly, you want to control the location of the file, and for the later discussion, we are going to assume the default location.

File Permissions

This is probably the easiest change you can make. By default, most systems set the permissions to "0600" and make the file owned by the user. This looks "ok" at first as only the user has read/write access. But in this case, we try to prevent someone who compromised the user's credentials from modifying the file. A better option is to make sure the file is owned by the root and set to read-only (0444). The user must still be able to read the file, so 0400 will not work if the file is owned by root. Next, you may also set the "immutable" flag. It does not offer a ton of extra security, as the attacker has to be root anyway, but it offers some more detection capabilities ...

Read the full entry: https://isc.sans.edu/diary/Securing+Your+SSH+authorizedkeys+File/31986/

Resilient Secure Backup Connectivity for SMB/Home Users (2025.05.22)

https://isc.sans.edu/diary/Resilient+Secure+Backup+Connectivity+for+SMBHome+Users/31972/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: Multiple Fortinet products

CVSS Score: 0

** KEV since 2025-05-14 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32756

ISC Podcast: https://isc.sans.edu/podcastdetail/9466

Product: Meteobridge web interface

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4008

ISC Podcast: https://isc.sans.edu/podcastdetail/9468

NVD References: 

- https://forum.meteohub.de/viewtopic.php?t=18687

- https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008

Product: Samlify Node.js library for SAML single sign-on

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47949

ISC Podcast: https://isc.sans.edu/podcastdetail/9464

Product: Netgear DGND3700

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4978

NVD References: 

- https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/backdoor.md

- https://www.netgear.com/

Product: Schweitzer Engineering Laboratories Software-Defined Network Flow Controller

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48017

NVD References: https://selinc.com/products/software/latest-software-versions/

Product: D-Link DI-8100

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44083

NVD References: https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-1.md

Product: D-Link DI-8100

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44084

NVD References: https://github.com/piposy/IOTsec/blob/main/Dlink/DI8100/DI8100-A1-2.md

Product: Langroid TableChatAgent

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46724

NVD References: 

- https://github.com/langroid/langroid/commit/0d9e4a7bb3ae2eef8d38f2e970ff916599a2b2a6

- https://github.com/langroid/langroid/security/advisories/GHSA-jqq5-wc57-f8hj

Product: vLLM PyNcclPipe

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47277

NVD References: 

- https://docs.vllm.ai/en/latest/deployment/security.html

- https://github.com/vllm-project/vllm/security/advisories/GHSA-hjq4-87xh-g4fv

Product: Wavlink WL-WN579A3

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44880

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44881

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44882

NVD References: 

- https://lafdrew.github.io/2025/03/27/Remote-Command-Execution-in-adm-cgi-of-wavlink-WL-WN579A3-Device/

- https://lafdrew.github.io/2025/03/31/Remote-Command-Execution-in-qos-cgi-of-wavlink-WL-WN579A3-Device/

- https://lafdrew.github.io/2025/03/31/Remote-Command-Execution-in-firewall-cgi-of-wavlink-WL-WN579A3-Device/

Product: FW WGS-804HPT

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44883

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44884

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44885

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44886

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44887

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44888

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44889

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44890

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44891

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44893  

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44894

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44896

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44897

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44898

NVD References: 

- https://lafdrew.github.io/2025/04/20/web-tacplus-serverEdit-post-tacIp/

- https://lafdrew.github.io/2025/04/20/web-sys-infoContact-post-contact/

- https://lafdrew.github.io/2025/04/20/web-snmpv3-remote-engineId-add-post-remote-ip/

- https://lafdrew.github.io/2025/04/20/web-acl-mgmt-Rules-Edit-post-ruleEditName/

- https://lafdrew.github.io/2025/04/20/web-radiusSrv-post-radIp/

- https://lafdrew.github.io/2025/04/20/web-stp-globalSetting-post-stp-conf-name/

- https://lafdrew.github.io/2025/04/20/web-snmp-notifyv3-add-post-host-ip/

- https://lafdrew.github.io/2025/04/20/web-snmp-v3host-add-post-host-ip/

- https://lafdrew.github.io/2025/04/20/web-acl-mgmt-Rules-Apply-post-ruleName/

- https://lafdrew.github.io/2025/04/20/web-radiusSrv-dftParam-post-radDftParamKey/

- https://lafdrew.github.io/2025/04/18/web-acl-bindEdit-post-bindEditMACName-StackOverflow/

- https://lafdrew.github.io/2025/04/20/web-tool-upgradeManager-post-tftp-srvip/

- https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlistEdit-get-authName-StackOverflow/

Product: Spring Security

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41232

NVD References: http://spring.io/security/cve-2025-41232

Product: TYPO3 sr_feuser_register extension

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48200

NVD References: https://typo3.org/security/advisory/typo3-ext-sa-2025-008

Product: IEEE P802.11-REVme

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27558

NVD References: https://github.com/vanhoefm/fragattacks-survey-public/blob/main/README.md

Product: AutomationDirect MB-Gateway embedded web server

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-36535

NVD References: 

- https://www.automationdirect.com/adc/shopping/catalog/communications/protocol_gateways/modbus_gateways/eki-1221-ce

- https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-09

Product: Vertiv products

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41426

NVD References: 

- https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-10

- https://www.vertiv.com/en-us/support/security-support-center/

Product: Vertiv Webserver Functions

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46412

NVD References: 

- https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-10

- https://www.vertiv.com/en-us/support/security-support-center/

Product: Infoblox NETMRI

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32814

NVD References: https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32814

Product: Iconics ASPECT 

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48853

Product: ASPECT-Enterprise

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-2409

Product: ASPECT-Enterprise

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-2410

Product: ASPECT-Enterprise

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30171

Product: Ocuco Innovation INNOVASERVICEINTF.EXE, REPORTSERVER.EXE, INVCLIENT.EXE, and REPORTS.EXE

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41195

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41196

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41197

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41198

NVD References: https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md

Product: Multiple WSO2 products

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6914

NVD References: https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3561/

Product: Mobile Dynamix PrinterShare Mobile Print

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5098

NVD References: https://korelogic.com/Resources/Advisories/KL-001-2025-003.txt

Product: Mobile Dynamix PrinterShare Mobile Print

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5099

NVD References: https://korelogic.com/Resources/Advisories/KL-001-2025-004.txt

Product: Zohocorp  ManageEngine ADAudit Plus

CVSS Score: 8.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-36527

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41407

ISC Podcast: https://isc.sans.edu/podcastdetail/9468

NVD References: 

- https://www.manageengine.com/products/active-directory-audit/cve-2025-36527.html

- https://www.manageengine.com/products/active-directory-audit/cve-2025-41407.html

Product: Phpgurukul Restaurant Table Booking System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-51101

NVD References: https://github.com/0xBhushan/Writeups/blob/main/CVE/phpGurukul/Restaurant%20Table%20Booking%20System%20using%20PHP%20and%20MySQL/SQL%20Injection-Search.pdf

Product: Canon Multifunction Printers

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-2146

NVD References: 

- https://canon.jp/support/support-info/250127vulnerability-response

- https://psirt.canon/advisory-information/cp2025-001/

- https://www.canon-europe.com/support/product-security/#news

- https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers

Product: Apache NuttX RTOS Bluetooth Stack

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-35003

NVD References: 

- https://github.com/apache/nuttx/pull/16179

- https://lists.apache.org/thread/k4xzz3jhkx48zxw9vwmqrmm4hmg78vsj

- http://www.openwall.com/lists/oss-security/2025/05/26/1

Product: openSUSE Tumbleweed cyrus-imapd

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23394

NVD References: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23394

Product: vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48827NVD References: - https://karmainsecurity.com/dont-call-that-protected-method-vbulletin-rce- https://kevintel.com/CVE-2025-48827- https://blog.kevintel.com/vbulletin-replaceadtemplate-kev/CVE-2025-48828 - vBulletin versions are vulnerable to arbitrary PHP code execution through Template Conditionals abuse, allowing attackers to bypass security checks and execute code in an alternative function syntax.Product: vBulletin Certain vBulletin versionsCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48828NVD References: - https://karmainsecurity.com/dont-call-that-protected-method-vbulletin-rce- https://kevintel.com/CVE-2025-48828-  https://blog.kevintel.com/vbulletin-replaceadtemplate-kev/CVE-2025-41651 - The vulnerable product allows unauthenticated remote attackers to execute arbitrary commands and potentially compromise the entire system by exploiting missing authentication on a critical function.Product: Weidmueller Industrial ethernet switchesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41651NVD References: https://certvde.com/en/advisories/VDE-2025-044/CVE-2025-41652 - The vulnerable product is at risk of authentication bypass from flaws in the authorization mechanism, allowing unauthenticated remote attackers to compromise the device through brute-force attacks or MD5 collision techniques.Product: Weidmueller Industrial ethernet switchesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41652NVD References: https://certvde.com/en/advisories/VDE-2025-044/CVE-2025-32440 - NetAlertX allows attackers to bypass authentication and trigger sensitive functions by sending crafted requests to /index.php prior to version 25.4.14.Product: NetAlertXCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32440NVD References: - https://github.com/jokob-sk/NetAlertX/releases/tag/v25.4.14- https://github.com/jokob-sk/NetAlertX/security/advisories/GHSA-h4x5-vr54-vjrxCVE-2025-47934 - OpenPGP.js is vulnerable to a flaw where a maliciously modified message can be passed to either `openpgp.verify` or `openpgp.decrypt`, causing these functions to return a valid signature verification result while returning data that was not actually signed.Product: OpenPGP.js OpenPGP protocolCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47934ISC Podcast: https://isc.sans.edu/podcastdetail/9460 CVE-2025-4322 - The Motors theme for WordPress is vulnerable to privilege escalation through account takeover, allowing unauthenticated attackers to change user passwords and gain administrative access.Product: WordPress Motors themeActive Installations: Update to version 5.6.68, or a newer patched versionCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4322NVD References: - http://themeforest.net/item/motors-car-dealership-wordpress-theme/13987211- https://www.wordfence.com/threat-intel/vulnerabilities/id/61820ca5-5548-4155-b350-df3db1bc1661?source=cveCVE-2025-4094 - The DIGITS WordPress Mobile Number Signup and Login plugin before 8.4.6.1 allows attackers to easily bruteforce OTP validation attempts due to lack of rate limiting.Product: DIGITS WordPress Mobile Number Signup and Login WordPress pluginActive Installations: UnknownCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4094NVD References: https://wpscan.com/vulnerability/b5f0a263-644b-4954-a1f0-d08e2149edbb/CVE-2025-4524 - The Madara WordPress theme is vulnerable to Local File Inclusion in versions up to 2.2.2, allowing unauthenticated attackers to execute arbitrary files on the server.Product: Madara Responsive and modern WordPress theme for manga sitesActive Installations: Update to version 2.2.2.1, or a newer patched versionCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4524NVD References: - https://mangabooth.com/product/wp-manga-theme-madara/- https://www.wordfence.com/threat-intel/vulnerabilities/id/a3ee01da-218a-421d-8f9c-1dc6c056ef74?source=cveCVE-2025-31049 - Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3.Product: Themeton DashActive Installations: unknownCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31049NVD References: https://patchstack.com/database/wordpress/theme/dash/vulnerability/wordpress-dash-1-3-php-object-injection-vulnerability?_s_id=cveCVE-2025-31056 - WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerce is vulnerable to SQL Injection from n/a through 1.1.0.Product: Techspawn WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerceActive Installations: unknownCVSS Score: 9.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31056NVD References: https://patchstack.com/database/wordpress/plugin/whatscart-for-woocommerce/vulnerability/wordpress-whatscart-plugin-1-1-0-s…

Product: vBulletin Certain vBulletin versionsCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48828NVD References: - https://karmainsecurity.com/dont-call-that-protected-method-vbulletin-rce- https://kevintel.com/CVE-2025-48828-  https://blog.kevintel.com/vbulletin-replaceadtemplate-kev/CVE-2025-41651 - The vulnerable product allows unauthenticated remote attackers to execute arbitrary commands and potentially compromise the entire system by exploiting missing authentication on a critical function.Product: Weidmueller Industrial ethernet switchesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41651NVD References: https://certvde.com/en/advisories/VDE-2025-044/CVE-2025-41652 - The vulnerable product is at risk of authentication bypass from flaws in the authorization mechanism, allowing unauthenticated remote attackers to compromise the device through brute-force attacks or MD5 collision techniques.Product: Weidmueller Industrial ethernet switchesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41652NVD References: https://certvde.com/en/advisories/VDE-2025-044/CVE-2025-32440 - NetAlertX allows attackers to bypass authentication and trigger sensitive functions by sending crafted requests to /index.php prior to version 25.4.14.Product: NetAlertXCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32440NVD References: - https://github.com/jokob-sk/NetAlertX/releases/tag/v25.4.14- https://github.com/jokob-sk/NetAlertX/security/advisories/GHSA-h4x5-vr54-vjrxCVE-2025-47934 - OpenPGP.js is vulnerable to a flaw where a maliciously modified message can be passed to either `openpgp.verify` or `openpgp.decrypt`, causing these functions to return a valid signature verification result while returning data that was not actually signed.Product: OpenPGP.js OpenPGP protocolCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47934ISC Podcast: https://isc.sans.edu/podcastdetail/9460 CVE-2025-4322 - The Motors theme for WordPress is vulnerable to privilege escalation through account takeover, allowing unauthenticated attackers to change user passwords and gain administrative access.Product: WordPress Motors themeActive Installations: Update to version 5.6.68, or a newer patched versionCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4322NVD References: - http://themeforest.net/item/motors-car-dealership-wordpress-theme/13987211- https://www.wordfence.com/threat-intel/vulnerabilities/id/61820ca5-5548-4155-b350-df3db1bc1661?source=cveCVE-2025-4094 - The DIGITS WordPress Mobile Number Signup and Login plugin before 8.4.6.1 allows attackers to easily bruteforce OTP validation attempts due to lack of rate limiting.Product: DIGITS WordPress Mobile Number Signup and Login WordPress pluginActive Installations: UnknownCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4094NVD References: https://wpscan.com/vulnerability/b5f0a263-644b-4954-a1f0-d08e2149edbb/CVE-2025-4524 - The Madara WordPress theme is vulnerable to Local File Inclusion in versions up to 2.2.2, allowing unauthenticated attackers to execute arbitrary files on the server.Product: Madara Responsive and modern WordPress theme for manga sitesActive Installations: Update to version 2.2.2.1, or a newer patched versionCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4524NVD References: - https://mangabooth.com/product/wp-manga-theme-madara/- https://www.wordfence.com/threat-intel/vulnerabilities/id/a3ee01da-218a-421d-8f9c-1dc6c056ef74?source=cveCVE-2025-31049 - Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3.Product: Themeton DashActive Installations: unknownCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31049NVD References: https://patchstack.com/database/wordpress/theme/dash/vulnerability/wordpress-dash-1-3-php-object-injection-vulnerability?_s_id=cveCVE-2025-31056 - WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerce is vulnerable to SQL Injection from n/a through 1.1.0.Product: Techspawn WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerceActive Installations: unknownCVSS Score: 9.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31056NVD References: https://patchstack.com/database/wordpress/plugin/whatscart-for-woocommerce/vulnerability/wordpress-whatscart-plugin-1-1-0-sql-injection-vulnerability?_s_id=cveCVE-2025-31069 - HotStar Ð Multi-Purpose Business Theme is vulnerable to object injection via deserialization of untrusted data from versions n/a through 1.4.Product: themeton HotStar Ð Multi-Purpose Business ThemeActive Installations: unknownCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31069NVD References: https://patchstack.com/database/wordpress/theme/hotstar/vulnerability/wordpress-hotstar-multi-purpose-business-theme-1-4-php-object-injection-vulnerability?_s_id=cveCVE-202…

Product: Weidmueller Industrial ethernet switches

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41651

NVD References: https://certvde.com/en/advisories/VDE-2025-044/

Product: Weidmueller Industrial ethernet switches

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-41652

NVD References: https://certvde.com/en/advisories/VDE-2025-044/

Product: NetAlertX

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32440

NVD References: 

- https://github.com/jokob-sk/NetAlertX/releases/tag/v25.4.14

- https://github.com/jokob-sk/NetAlertX/security/advisories/GHSA-h4x5-vr54-vjrx

Product: OpenPGP.js OpenPGP protocol

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47934

ISC Podcast: https://isc.sans.edu/podcastdetail/9460

Product: WordPress Motors theme

Active Installations: Update to version 5.6.68, or a newer patched version

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4322

NVD References: 

- http://themeforest.net/item/motors-car-dealership-wordpress-theme/13987211

- https://www.wordfence.com/threat-intel/vulnerabilities/id/61820ca5-5548-4155-b350-df3db1bc1661?source=cve

Product: DIGITS WordPress Mobile Number Signup and Login WordPress plugin

Active Installations: Unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4094

NVD References: https://wpscan.com/vulnerability/b5f0a263-644b-4954-a1f0-d08e2149edbb/

Product: Madara Responsive and modern WordPress theme for manga sites

Active Installations: Update to version 2.2.2.1, or a newer patched version

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4524

NVD References: 

- https://mangabooth.com/product/wp-manga-theme-madara/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/a3ee01da-218a-421d-8f9c-1dc6c056ef74?source=cve

Product: Themeton Dash

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31049

NVD References: https://patchstack.com/database/wordpress/theme/dash/vulnerability/wordpress-dash-1-3-php-object-injection-vulnerability?_s_id=cve

Product: Techspawn WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerce

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31056

NVD References: https://patchstack.com/database/wordpress/plugin/whatscart-for-woocommerce/vulnerability/wordpress-whatscart-plugin-1-1-0-sql-injection-vulnerability?_s_id=cve

Product: themeton HotStar Ð Multi-Purpose Business Theme

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31069

NVD References: https://patchstack.com/database/wordpress/theme/hotstar/vulnerability/wordpress-hotstar-multi-purpose-business-theme-1-4-php-object-injection-vulnerability?_s_id=cve

Product: SmartCMS Bus Ticket Booking with Seat Reservation for WooCommerce

Active Installations: 1,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31397

NVD References: https://patchstack.com/database/wordpress/plugin/scw-bus-seat-reservation/vulnerability/wordpress-bus-ticket-booking-with-seat-reservation-for-woocommerce-plugin-1-7-sql-injection-vulnerability?_s_id=cve

Product: AncoraThemes Umberto

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31423

NVD References: https://patchstack.com/database/wordpress/theme/umberto/vulnerability/wordpress-umberto-1-2-8-php-object-injection-vulnerability?_s_id=cve

Product: themeton The Business

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31430

NVD References: https://patchstack.com/database/wordpress/theme/nrgbusiness/vulnerability/wordpress-the-business-1-6-1-php-object-injection-vulnerability?_s_id=cve

Product: AncoraThemes Fish House

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31631

NVD References: https://patchstack.com/database/wordpress/theme/fish-house/vulnerability/wordpress-fish-house-1-2-7-php-object-injection-vulnerability?_s_id=cve

Product: kamleshyadav Pixel WordPress Form BuilderPlugin & Autoresponder

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31914

NVD References: https://patchstack.com/database/wordpress/plugin/pixel-formbuilder/vulnerability/wordpress-pixel-wordpress-form-builderplugin-autoresponder-1-0-2-sql-injection-vulnerability?_s_id=cve

Product: joy2012bd JP Students Result Management System Premium

Active Installations: unknown

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31916

NVD References: https://patchstack.com/database/wordpress/plugin/jp-students-result-system-premium/vulnerability/wordpress-jp-students-result-management-system-premium-plugin-1-1-7-arbitrary-file-upload-vulnerability?_s_id=cve

Product: QuantumCloud Simple Business Directory Pro

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31918

NVD References: https://patchstack.com/database/wordpress/plugin/simple-business-directory-pro/vulnerability/wordpress-simple-business-directory-pro-15-4-8-privilege-escalation-vulnerability?_s_id=cve

Product: themeton Acerola

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31927

NVD References: https://patchstack.com/database/wordpress/theme/acerola/vulnerability/wordpress-acerola-1-6-5-php-object-injection-vulnerability?_s_id=cve

Product: AncoraThemes Jarvis Ð Night Club, Concert, Festival WordPress

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32292

NVD References: https://patchstack.com/database/wordpress/theme/jarvis/vulnerability/wordpress-jarvis-night-club-concert-festival-wordpress-1-8-11-php-object-injection-vulnerability?_s_id=cve

Product: ThemeMakers Car Dealer

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39480

NVD References: https://patchstack.com/database/wordpress/theme/cardealer/vulnerability/wordpress-car-dealer-1-6-6-php-object-injection-vulnerability?_s_id=cve

Product: ThemeGoods Grand Tour | Travel Agency WordPress

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39485

NVD References: https://patchstack.com/database/wordpress/theme/grandtour/vulnerability/wordpress-grandtour-theme-5-5-1-php-object-injection-vulnerability?_s_id=cve

Product: pebas CouponXL

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39489

NVD References: https://patchstack.com/database/wordpress/theme/couponxl/vulnerability/wordpress-couponxl-4-5-0-privilege-escalation-vulnerability?_s_id=cve

Product: BoldThemes Avantage

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39495

NVD References: https://patchstack.com/database/wordpress/theme/avantage/vulnerability/wordpress-avantage-theme-2-4-6-php-object-injection-vulnerability?_s_id=cve

Product: BoldThemes Medicare

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39499

NVD References: https://patchstack.com/database/wordpress/theme/medicare/vulnerability/wordpress-medicare-theme-2-1-0-php-object-injection-vulnerability?_s_id=cve

Product: Goodlayers Hostel

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39500

NVD References: https://patchstack.com/database/wordpress/plugin/gdlr-hostel/vulnerability/wordpress-goodlayers-hostel-plugin-3-1-2-php-object-injection-vulnerability?_s_id=cve

Product: Goodlayers Hostel

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39501

NVD References: https://patchstack.com/database/wordpress/plugin/gdlr-hostel/vulnerability/wordpress-goodlayers-hostel-plugin-3-1-2-sql-injection-vulnerability?_s_id=cve

Product: Goodlayers Hotel

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39503

NVD References: https://patchstack.com/database/wordpress/plugin/gdlr-hotel/vulnerability/wordpress-goodlayers-hotel-plugin-3-1-4-php-object-injection-vulnerability?_s_id=cve

Product: GoodLayers GoodLayers Hotel

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39504

NVD References: https://patchstack.com/database/wordpress/plugin/gdlr-hotel/vulnerability/wordpress-goodlayers-hotel-plugin-3-1-4-sql-injection-vulnerability?_s_id=cve

Product: IndigoThemes WP HRM LITE

Active Installations: This plugin has been closed as of April 24, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46455

NVD References: https://patchstack.com/database/wordpress/plugin/wp-hrm-lite-human-resource-management-system/vulnerability/wordpress-wp-hrm-lite-1-1-sql-injection-vulnerability?_s_id=cve

Product: Detheme Easy Guide

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46460

NVD References: https://patchstack.com/database/wordpress/plugin/wp-easy-guide/vulnerability/wordpress-easy-guide-1-0-0-sql-injection-vulnerability?_s_id=cve

Product: WPFable Fable Extra

Active Installations: 1,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46468

NVD References: https://patchstack.com/database/wordpress/plugin/fable-extra/vulnerability/wordpress-fable-extra-1-0-5-local-file-inclusion-vulnerability?_s_id=cve

Product: WPFable Fable Extra

Active Installations: 1,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46539

NVD References: https://patchstack.com/database/wordpress/plugin/fable-extra/vulnerability/wordpress-fable-extra-1-0-6-sql-injection-vulnerability?_s_id=cve

Product: wordwebsoftware Crossword Compiler Puzzles

Active Installations: 400+

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46490

NVD References: https://patchstack.com/database/wordpress/plugin/crossword-compiler-puzzles/vulnerability/wordpress-crossword-compiler-puzzles-5-2-arbitrary-file-upload-vulnerability?_s_id=cve

Product: WPFunnels

Active Installations: 8,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47530

NVD References: https://patchstack.com/database/wordpress/plugin/wpfunnels/vulnerability/wordpress-wpfunnels-3-5-18-php-object-injection-vulnerability?_s_id=cve

Product: CoinPayments CoinPayments.net Payment Gateway for WooCommerce

Active Installations: 2,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47532

NVD References: https://patchstack.com/database/wordpress/plugin/coinpayments-payment-gateway-for-woocommerce/vulnerability/wordpress-coinpayments-net-payment-gateway-for-woocommerce-1-0-17-php-object-injection-vulnerability?_s_id=cve

Product: Themewinter Eventin

Active Installations: 10,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47539

NVD References: https://patchstack.com/database/wordpress/plugin/wp-event-solution/vulnerability/wordpress-eventin-4-0-26-privilege-escalation-vulnerability?_s_id=cve

Product: ZoomIt ZoomSounds

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47568

NVD References: https://patchstack.com/database/wordpress/plugin/dzs-zoomsounds/vulnerability/wordpress-zoomsounds-plugin-6-91-php-object-injection-vulnerability?_s_id=cve

Product: Facturante

Active Installations: This plugin hasnÕt been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47599

NVD References: https://patchstack.com/database/wordpress/plugin/facturante/vulnerability/wordpress-facturante-1-11-sql-injection-vulnerability?_s_id=cve

Product: STAGGS

Active Installations: 300+

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47637

NVD References: https://patchstack.com/database/wordpress/plugin/staggs/vulnerability/wordpress-staggs-2-10-1-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Printcart Web to Print Product Designer for WooCommerce

Active Installations: 100+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47640

NVD References: https://patchstack.com/database/wordpress/plugin/printcart-integration/vulnerability/wordpress-printcart-web-to-print-product-designer-for-woocommerce-2-3-6-sql-injection-vulnerability?_s_id=cve

Product: Printcart Web to Print Product Designer for WooCommerce

Active Installations: 100+

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47641

NVD References: https://patchstack.com/database/wordpress/plugin/printcart-integration/vulnerability/wordpress-printcart-web-to-print-product-designer-for-woocommerce-2-3-6-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Ajar Productions Ajar in5 Embed

Active Installations: 300+

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47642

NVD References: https://patchstack.com/database/wordpress/plugin/ajar-productions-in5-embed/vulnerability/wordpress-ajar-in5-embed-3-1-5-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Gilblas Ngunte Possi PSW Front-end Login & Registration

Active Installations: 90+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47646

NVD References: https://patchstack.com/database/wordpress/plugin/psw-login-and-registration/vulnerability/wordpress-psw-front-end-login-registration-1-12-broken-authentication-vulnerability?_s_id=cve

Product: ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System

Active Installations: 400+

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47658

NVD References: https://patchstack.com/database/wordpress/plugin/elex-helpdesk-customer-support-ticket-system/vulnerability/wordpress-elex-wordpress-helpdesk-customer-ticketing-system-3-2-7-arbitrary-file-upload-vulnerability?_s_id=cve

Product: mojoomla Hospital Management System

Active Installations: unknown

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47663

NVD References: https://patchstack.com/database/wordpress/plugin/hospital-management/vulnerability/wordpress-hospital-management-system-plugin-47-0-20-11-2023-arbitrary-file-upload-vulnerability-2?_s_id=cve

Product: StoreKeeper B.V. StoreKeeper for WooCommerce

Active Installations: 50+

CVSS Score: 10.0 

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47687

NVD References: https://patchstack.com/database/wordpress/plugin/storekeeper-for-woocommerce/vulnerability/wordpress-storekeeper-for-woocommerce-14-4-4-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Majestic Support

Active Installations: 3,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48283

NVD References: https://patchstack.com/database/wordpress/plugin/majestic-support/vulnerability/wordpress-majestic-support-1-1-0-sql-injection-vulnerability?_s_id=cve

Product: Pagaleve Pix 4x sem juros

Active Installations: 100+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48287

NVD References: https://patchstack.com/database/wordpress/plugin/wc-pagaleve/vulnerability/wordpress-pix-4x-sem-juros-pagaleve-1-6-9-php-object-injection-vulnerability?_s_id=cve

Product: AncoraThemes Kids Planet

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48289

NVD References: https://patchstack.com/database/wordpress/theme/kidsplanet/vulnerability/wordpress-kids-planet-2-2-14-php-object-injection-vulnerability?_s_id=cve

Product: eMagicOne Store Manager for WooCommerce plugin

Active Installations: This plugin has been closed as of May 21, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4603

NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/242ad00b-3602-4988-ab7a-76fba2e9d4cf?source=cve

Product: eMagicOne Store Manager for WooCommerce plugin

Active Installations: This plugin has been closed as of May 21, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5058

NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/8a00ece0-6644-4535-86aa-d0802d94a1a7?source=cve