The Consensus Security Vulnerability Alert

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Don’t Make it Easier than it Already is?..Default Passwords [Guest Diary]

Published: 2025-06-18

Last Updated: 2025-06-18 00:53:35 UTC

by Guy Bruneau (Version: 1)

[This is a Guest Diary by Matthew Paul, an ISC intern as part of the SANS.edu BACS program]

Over the past few months, I’ve been working under a SANS Internet Storm Center (ISC) Sr. Handler as part of the SANS Degree Program ISC Internship. The first objective of the internship is setting up a forward-facing honeypot on your network to review and report on log activity. 

For this internship I wanted to focus more on packet vs log analysis. For my setup, I did a bare-metal install of the network analysis tool Malcolm to use as an NSM/IDS. I setup a 5-port managed switch and configured a monitor port for the honeypot with the mirror sending packets to my Malcolm sensor. This setup allowed me to collect and analyze all traffic going to and from my honeypot.

Malcolm is a network capture and analysis tool smartly comprised of various open-source tools; Arkime, OpenSearch, Logstash, Filebeat, OpenSearch Dashboards, Zeek, Suricata, Yara, Capa, ClamAV, CyberChef, jQuery File Upload, NetBox, PostgresSQL, Redis, Keycloak, OpenResty, nginx-auth-ldap, Fluent Bit, Mark Baggett’s (SANS Instructor) freq.py, Florian Roth’s Signature-Base Yara Rules, Bart Blaze’s Yara Rules, RerversingLabs’ Yara Rules and multiple Zeek Packages ...

Read the full entry: https://isc.sans.edu/diary/Dont+Make+it+Easier+than+it+Already+isDefault+Passwords+Guest+Diary/32054/

How Long Until the Phishing Starts? About Two Weeks

Published: 2025-06-17

Last Updated: 2025-06-17 13:15:42 UTC

by Johannes Ullrich (Version: 1)

[This is a guest diary by Christopher Crowley]

Here’s a good reason to include security awareness training for new hires!

I recently added an account to my Google Workspace domain (montance[dot]com). Friday, May 16th, 10:10 am, to be exact. Something interesting to note about the domain configuration is there’s a catchall account in place, so all email addresses are valid.

Starting May 28th the new account started receiving targeted phishing email messages. The subject was either blank or a variation of my name (Chris or Christopher), and the sender's "From" address had a call to action and urgency ...

Read the full entry: https://isc.sans.edu/diary/How+Long+Until+the+Phishing+Starts+About+Two+Weeks/32052/

A JPEG With A Payload

Published: 2025-06-16

Last Updated: 2025-06-16 08:59:44 UTC

by Didier Stevens (Version: 1)

Over the weekend, Xavier posted about another image with a payload: "More Steganography!".

Xavier did a static analysis, and I want to explain how you can decode the payload if you opted for a dynamic analysis.

During your dynamic analysis, you will notice the download of a JPEG image from hxxps://zynova[.]kesug[.]com/new_image.jpg.

You can use my tool jpegdump.py to analyze this file ...

Read the full entry: https://isc.sans.edu/diary/A+JPEG+With+A+Payload/32048/ 

More Steganography! (2025.06.14)

https://isc.sans.edu/diary/More+Steganography/32044/

[Guest Diary] Anatomy of a Linux SSH Honeypot Attack: Detailed Analysis of Captured Malware (2025.06.13)

https://isc.sans.edu/diary/Guest+Diary+Anatomy+of+a+Linux+SSH+Honeypot+Attack+Detailed+Analysis+of+Captured+Malware/32024/

Automated Tools to Assist with DShield Honeypot Investigations [Guest Diary] (2025.06.11)

https://isc.sans.edu/diary/Automated+Tools+to+Assist+with+DShield+Honeypot+Investigations+Guest+Diary/32038/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: Microsoft Windows 10 1507

CVSS Score: 8.8

** KEV since 2025-06-10 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-33053

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053

Product: SonicWall Sma_500V

CVSS Score: 0

** KEV since 2021-11-03 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-20016

ISC Diary: https://isc.sans.edu/diary/32038

Product: Multiple Apple productsCVSS Score: 4.8** KEV since 2025-06-16 **NVD: - https://nvd.nist.gov/vuln/detail/CVE-2025-43200- https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/CVE-2023-0386 - Linux kernel's OverlayFS subsystem has a uid mapping bug that allows unprivileged local users to gain escalated privileges.Product: Linux Linux_Kernel 6.2CVSS Score: 0** KEV since 2025-06-17 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-0386CVE-2025-42989 - Missing Authorization check in SAP NetWeaver Application Server for ABAP. RFC inbound processing lacks necessary authorization checks, allowing authenticated user privilege escalation and critical impact on application integrity and availability.Product: SAP NetWeaver Application Server for ABAP CVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-42989NVD References: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2025.htmlCVE-2025-1041 - Avaya Call Management System is vulnerable to unauthorized remote command execution through specially crafted web requests in affected versions 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.Product: Avaya Call Management SystemCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1041NVD References: https://support.avaya.com/css/public/documents/101093084CVE-2025-43698 - Salesforce OmniStudio (FlexCards) is vulnerable to improper preservation of permissions, enabling bypass of field level security controls for Salesforce objects, impacting OmniStudio before Spring 2025.Product: Salesforce OmniStudioCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43698NVD References: https://help.salesforce.com/s/articleView?id=004980323&type=1CVE-2025-49455 - Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0.Product: LoftOcean TinySaltCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49455NVD References: https://patchstack.com/database/wordpress/theme/tinysalt/vulnerability/wordpress-tinysalt-3-10-0-php-object-injection-vulnerability?_s_id=cveCVE-2025-49507 - Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection.This issue affects CozyStay: from n/a before 1.7.1.Product: LoftOcean CozyStayCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49507NVD References: https://patchstack.com/database/wordpress/theme/cozystay/vulnerability/wordpress-cozystay-1-7-1-php-object-injection-vulnerability?_s_id=cveCVE-2024-34711 - GeoServer's improper URI validation vulnerability allows unauthorized attackers to perform XEE attacks and send GET requests to any HTTP server, potentially leading to the scanning of internal networks and further exploitation.Product: GeoServerCVSS Score: 9.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34711NVD References: - https://docs.geoserver.org/latest/en/user/production/config.html#production-config-external-entities- https://github.com/geoserver/geoserver/security/advisories/GHSA-mc43-4fqr-c965CVE-2025-30220 - GeoServer is vulnerable to XML External Entity (XXE) exploit due to the GeoTools Schema class using Eclipse XSD library improperly, impacting users who expose XML processing with gt-xsd-core involved in parsing documents with external XML schema references.Product: Open Source Geospatial Foundation GeoServerCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30220NVD References: - https://docs.geoserver.org/latest/en/user/production/config.html#production-config-external-entities- https://github.com/geoserver/geoserver/security/advisories/GHSA-jj54-8f66-c5pc- https://github.com/geotools/geotools/security/advisories/GHSA-826p-4gcg-35vwCVE-2025-40585 - Energy Services (All versions with G5DFR) have default credentials, allowing attackers to take control of the G5DFR component and tamper with device outputs.Product: Energy Services G5DFRCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-40585NVD References: https://cert-portal.siemens.com/productcert/html/ssa-345750.htmlCVE-2025-47110 - Adobe Commerce versions 2.4.8 and earlier are vulnerable to stored Cross-Site Scripting (XSS) attacks, allowing high privileged attackers to inject malicious scripts into form fields and execute them in victims' browsers.Product: dobe CommerceCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47110NVD References: https://helpx.adobe.com/security/products/magento/apsb25-50.htmlCVE-2024-57190 - Erxes <1.6.1 is vulnerable to Incorrect Access Control, allowing attackers to bypass authentication with a forged "User" HTTP header.Product: ErxesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57190NVD References: https://www.sonarsource.com/blog/micro-services-major-headaches-detecting-vulnerabilities-in-erxes-microservices/CVE-2025-33073 - Improper access control in Windows SMB allows an authorized attack…

Product: Linux Linux_Kernel 6.2

CVSS Score: 0

** KEV since 2025-06-17 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-0386

Product: SAP NetWeaver Application Server for ABAP 

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-42989

NVD References: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/june-2025.html

Product: Avaya Call Management System

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1041

NVD References: https://support.avaya.com/css/public/documents/101093084

Product: Salesforce OmniStudio

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-43698

NVD References: https://help.salesforce.com/s/articleView?id=004980323&type=1

Product: LoftOcean TinySalt

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49455

NVD References: https://patchstack.com/database/wordpress/theme/tinysalt/vulnerability/wordpress-tinysalt-3-10-0-php-object-injection-vulnerability?_s_id=cve

Product: LoftOcean CozyStay

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49507

NVD References: https://patchstack.com/database/wordpress/theme/cozystay/vulnerability/wordpress-cozystay-1-7-1-php-object-injection-vulnerability?_s_id=cve

Product: GeoServer

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-34711

NVD References: 

- https://docs.geoserver.org/latest/en/user/production/config.html#production-config-external-entities

- https://github.com/geoserver/geoserver/security/advisories/GHSA-mc43-4fqr-c965

Product: Open Source Geospatial Foundation GeoServer

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30220

NVD References: 

- https://docs.geoserver.org/latest/en/user/production/config.html#production-config-external-entities

- https://github.com/geoserver/geoserver/security/advisories/GHSA-jj54-8f66-c5pc

- https://github.com/geotools/geotools/security/advisories/GHSA-826p-4gcg-35vw

Product: Energy Services G5DFR

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-40585

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-345750.html

Product: dobe Commerce

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47110

NVD References: https://helpx.adobe.com/security/products/magento/apsb25-50.html

Product: Erxes

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57190

NVD References: https://www.sonarsource.com/blog/micro-services-major-headaches-detecting-vulnerabilities-in-erxes-microservices/

Product: Microsoft Windows SMB

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-33073

ISC Podcast: https://isc.sans.edu/podcastdetail/9490

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073

Product: QNX SDP

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-2474

NVD References: https://support.blackberry.com/pkb/s/article/140646

Product: Mozilla Firefox

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49709

NVD References: 

- https://bugzilla.mozilla.org/show_bug.cgi?id=1966083

- https://www.mozilla.org/security/advisories/mfsa2025-47/

Product: Mozilla Firefox

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49710

NVD References: 

- https://bugzilla.mozilla.org/show_bug.cgi?id=1970095

- https://www.mozilla.org/security/advisories/mfsa2025-47/

Product: M365 Copilot Microsoft

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32711

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32711

Product: Perl CryptX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-40914

NVD References: https://www.cve.org/CVERecord?id=CVE-2023-36328

Product: CryptX Perl

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-40912

NVD References: https://github.com/libtom/libtomcrypt/issues/507

Product: Archive::Unzip::Burst from 0.01 through 0.09 for Perl

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-4976

NVD References: https://rt.cpan.org/Public/Bug/Display.html?id=143547

Product: Salt Project SALT versions 3006.x and 3007.x

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38824

NVD References: 

- https://docs.saltproject.io/en/3006/topics/releases/3006.12.html

- https://docs.saltproject.io/en/3007/topics/releases/3007.4.html

Product: Bosch 

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-29902

Product: Blink routers 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45984

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45985

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45986

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45987

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45988

NVD References: 

- https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_routepwd%20Indicates%20the%20unauthorized%20command%20injection/LB-LINK_routepwd%20command%20injection.md

- https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_enable%20Unauthorized%20command%20injection/LB-LINK_enable%20command%20injection.md

- https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_mac%20Unauthorized%20command%20injection/LB-LINK_mac%20command%20injection.md

- https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_dns1%20Unauthorized%20command%20injection/The%20LB-LINK_dns1%20command%20is%20used%20to%20inject%20the%20information.md

- https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_cmd%20Indicates%20the%20unauthorized%20command%20injection/The%20LB-LINK_cmd%20command%20is%20used%20to%20inject%20information.md

Product: TOTOLINK N600R

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46060

NVD References: http://totolink.com

Product: Openc3 Cosmos

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28384

NVD References: https://openc3.com/

Product: OpenC3 COSMOS v6.0.0

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28386

NVD References: https://openc3.com/

Product: Openc3 Cosmos

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28388

NVD References: https://openc3.com/

Product: Openc3 Cosmos

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-28389

NVD References: https://openc3.com/

Product: UTT 进取 750W

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6098

Product: HAMASTAR Technology WIMP website co-construction management platform

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6169

NVD References: 

- https://www.twcert.org.tw/en/cp-139-10184-f29ca-2.html

- https://www.twcert.org.tw/tw/cp-132-10183-99ce1-1.html

Product: Afmobi Boomplayer 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6172

NVD References: https://security.tecno.com/SRC/securityUpdates

Product: Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl 

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-40916

NVD References: 

- https://metacpan.org/pod/perlfunc#rand

- https://security.metacpan.org/docs/guides/random-data-for-security.html

Product: Apache NuttX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47868

NVD References: 

- https://lists.apache.org/thread/p4o2lcqgspx3ws1n2p4wmoqbqow1w1pw

- http://www.openwall.com/lists/oss-security/2025/06/14/1

Product: Apache NuttX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47869

NVD References: 

- https://lists.apache.org/thread/306qcqyc3bpb2ozh015yxjo9kqs4jbvj

- http://www.openwall.com/lists/oss-security/2025/06/14/2

Product: D-Link DIR-632

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6121

Product: Libxml2CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49794NVD References: - https://access.redhat.com/security/cve/CVE-2025-49794- https://bugzilla.redhat.com/show_bug.cgi?id=2372373CVE-2025-49796 - Libxml2 is vulnerable to memory corruption when processing specific sch:name elements in XML input, potentially leading to denial of service or other undefined behavior by allowing an attacker to craft a malicious file.Product: Libxml2CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49796NVD References: - https://access.redhat.com/security/cve/CVE-2025-49796- https://bugzilla.redhat.com/show_bug.cgi?id=2372385CVE-2025-6179 - Google ChromeOS 16181.27.0 on managed Chrome devices is vulnerable to a permissions bypass that allows a local attacker to disable extensions and access Developer Mode.Product: Google ChromeOSCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6179NVD References: - https://issues.chromium.org/issues/b/399652193- https://issuetracker.google.com/issues/399652193CVE-2025-4404 - FreeIPA project suffers from a privilege escalation vulnerability due to a lack of validation for the uniqueness of the `krbCanonicalName`, enabling users to impersonate the admin account and gain access to sensitive data within the REALM.Product: FreeIPACVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4404NVD References: - https://access.redhat.com/security/cve/CVE-2025-4404- https://bugzilla.redhat.com/show_bug.cgi?id=2364606CVE-2025-49219 & CVE-2025-49220 - Trend Micro Apex Central below versions 8.0.7007 pre-authentication remote code execution vulnerabilities.Product: Trend Micro Apex CentralCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49219NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49220NVD References: - https://success.trendmicro.com/en-US/solution/KA-0019926- https://www.zerodayinitiative.com/advisories/ZDI-25-366/- https://www.zerodayinitiative.com/advisories/ZDI-25-367/CVE-2025-49212, CVE-2025-49213, & CVE-2025-49217 -  Trend Micro Endpoint Encryption PolicyServer is susceptible to pre-authentication remote code execution vulnerabilities.Product: Trend Micro Endpoint Encryption PolicyServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49212NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49213NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49217NVD References: - https://success.trendmicro.com/en-US/solution/KA-0019928- https://www.zerodayinitiative.com/advisories/ZDI-25-369/- https://www.zerodayinitiative.com/advisories/ZDI-25-370/- https://www.zerodayinitiative.com/advisories/ZDI-25-374/CVE-2025-49216 - Trend Micro Endpoint Encryption PolicyServer is vulnerable to an authentication bypass that allows attackers to gain admin access and modify product configurations.Product: Trend Micro Endpoint Encryption PolicyServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49216NVD References: - https://success.trendmicro.com/en-US/solution/KA-0019928- https://www.zerodayinitiative.com/advisories/ZDI-25-373/CVE-2025-49825 - Teleport is vulnerable to remote authentication bypass in Community Edition versions before and including 17.5.1 with no available open-source patch.Product: Teleport Community EditionCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49825NVD References: https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpcCVE-2025-4973 - The Workreap plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.3.1, allowing unauthenticated attackers to log in as registered users by exploiting a flaw in email address verification.Product: Unknown. Workreap WordPress pluginActive Installations: Update to version 3.3.2, or a newer patched version.CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4973NVD References: - https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454#item-description__release-3-3-2-23-may-2025- https://www.wordfence.com/threat-intel/vulnerabilities/id/8e7693a3-642a-4eff-902c-d29a3c12deb0?source=cveCVE-2025-5288 - The REST API | Custom API Generator for WordPress plugin is vulnerable to Privilege Escalation, allowing unauthenticated attackers to create new Admin users.Product: WordPress REST API | Custom API GeneratorActive Installations: This plugin has been closed as of June 11, 2025 and is not available for download. This closure is temporary, pending a full review.CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5288NVD References: - https://plugins.trac.wordpress.org/browser/import-export-with-custom-rest-api/tags/2.0.3/backend/methods/wot-rapi-import-functions.php#L123- https://wordpress.org/plugins/import-export-with-custom-rest-api/#developers- https://www.wordfence.com/threat-intel/vulnerabilities/id/0e2774fc-f028-436c-a8af-3c17378b9743?source=cveCVE-2025-6065 - The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion,…

Product: Libxml2CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49796NVD References: - https://access.redhat.com/security/cve/CVE-2025-49796- https://bugzilla.redhat.com/show_bug.cgi?id=2372385CVE-2025-6179 - Google ChromeOS 16181.27.0 on managed Chrome devices is vulnerable to a permissions bypass that allows a local attacker to disable extensions and access Developer Mode.Product: Google ChromeOSCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6179NVD References: - https://issues.chromium.org/issues/b/399652193- https://issuetracker.google.com/issues/399652193CVE-2025-4404 - FreeIPA project suffers from a privilege escalation vulnerability due to a lack of validation for the uniqueness of the `krbCanonicalName`, enabling users to impersonate the admin account and gain access to sensitive data within the REALM.Product: FreeIPACVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4404NVD References: - https://access.redhat.com/security/cve/CVE-2025-4404- https://bugzilla.redhat.com/show_bug.cgi?id=2364606CVE-2025-49219 & CVE-2025-49220 - Trend Micro Apex Central below versions 8.0.7007 pre-authentication remote code execution vulnerabilities.Product: Trend Micro Apex CentralCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49219NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49220NVD References: - https://success.trendmicro.com/en-US/solution/KA-0019926- https://www.zerodayinitiative.com/advisories/ZDI-25-366/- https://www.zerodayinitiative.com/advisories/ZDI-25-367/CVE-2025-49212, CVE-2025-49213, & CVE-2025-49217 -  Trend Micro Endpoint Encryption PolicyServer is susceptible to pre-authentication remote code execution vulnerabilities.Product: Trend Micro Endpoint Encryption PolicyServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49212NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49213NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49217NVD References: - https://success.trendmicro.com/en-US/solution/KA-0019928- https://www.zerodayinitiative.com/advisories/ZDI-25-369/- https://www.zerodayinitiative.com/advisories/ZDI-25-370/- https://www.zerodayinitiative.com/advisories/ZDI-25-374/CVE-2025-49216 - Trend Micro Endpoint Encryption PolicyServer is vulnerable to an authentication bypass that allows attackers to gain admin access and modify product configurations.Product: Trend Micro Endpoint Encryption PolicyServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49216NVD References: - https://success.trendmicro.com/en-US/solution/KA-0019928- https://www.zerodayinitiative.com/advisories/ZDI-25-373/CVE-2025-49825 - Teleport is vulnerable to remote authentication bypass in Community Edition versions before and including 17.5.1 with no available open-source patch.Product: Teleport Community EditionCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49825NVD References: https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpcCVE-2025-4973 - The Workreap plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.3.1, allowing unauthenticated attackers to log in as registered users by exploiting a flaw in email address verification.Product: Unknown. Workreap WordPress pluginActive Installations: Update to version 3.3.2, or a newer patched version.CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4973NVD References: - https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454#item-description__release-3-3-2-23-may-2025- https://www.wordfence.com/threat-intel/vulnerabilities/id/8e7693a3-642a-4eff-902c-d29a3c12deb0?source=cveCVE-2025-5288 - The REST API | Custom API Generator for WordPress plugin is vulnerable to Privilege Escalation, allowing unauthenticated attackers to create new Admin users.Product: WordPress REST API | Custom API GeneratorActive Installations: This plugin has been closed as of June 11, 2025 and is not available for download. This closure is temporary, pending a full review.CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5288NVD References: - https://plugins.trac.wordpress.org/browser/import-export-with-custom-rest-api/tags/2.0.3/backend/methods/wot-rapi-import-functions.php#L123- https://wordpress.org/plugins/import-export-with-custom-rest-api/#developers- https://www.wordfence.com/threat-intel/vulnerabilities/id/0e2774fc-f028-436c-a8af-3c17378b9743?source=cveCVE-2025-6065 - The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion, allowing unauthenticated attackers to delete files on the server and potentially execute remote code.Product: WordPress Image Resizer On The Fly pluginActive Installations: This plugin has been closed as of June 13, 2025 and is not available for download. This closure is temporary, pending a full review.CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6065NVD References: - https://plugins.trac.wordpress.org/browser/image-resi…

Product: Google ChromeOS

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6179

NVD References: 

- https://issues.chromium.org/issues/b/399652193

- https://issuetracker.google.com/issues/399652193

Product: FreeIPA

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4404

NVD References: 

- https://access.redhat.com/security/cve/CVE-2025-4404

- https://bugzilla.redhat.com/show_bug.cgi?id=2364606

CVE-2025-49219 & CVE-2025-49220 - Trend Micro Apex Central below versions 8.0.7007 pre-authentication remote code execution vulnerabilities.

Product: Trend Micro Apex Central

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49219

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49220

NVD References: 

- https://success.trendmicro.com/en-US/solution/KA-0019926

- https://www.zerodayinitiative.com/advisories/ZDI-25-366/

- https://www.zerodayinitiative.com/advisories/ZDI-25-367/

CVE-2025-49212, CVE-2025-49213, & CVE-2025-49217 -  Trend Micro Endpoint Encryption PolicyServer is susceptible to pre-authentication remote code execution vulnerabilities.

Product: Trend Micro Endpoint Encryption PolicyServer

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49212

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49213

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49217

NVD References: 

- https://success.trendmicro.com/en-US/solution/KA-0019928

- https://www.zerodayinitiative.com/advisories/ZDI-25-369/

- https://www.zerodayinitiative.com/advisories/ZDI-25-370/

- https://www.zerodayinitiative.com/advisories/ZDI-25-374/

CVE-2025-49216 - Trend Micro Endpoint Encryption PolicyServer is vulnerable to an authentication bypass that allows attackers to gain admin access and modify product configurations.

Product: Trend Micro Endpoint Encryption PolicyServer

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49216

NVD References: 

- https://success.trendmicro.com/en-US/solution/KA-0019928

- https://www.zerodayinitiative.com/advisories/ZDI-25-373/

CVE-2025-49825 - Teleport is vulnerable to remote authentication bypass in Community Edition versions before and including 17.5.1 with no available open-source patch.

Product: Teleport Community Edition

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49825

NVD References: https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpc

CVE-2025-4973 - The Workreap plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.3.1, allowing unauthenticated attackers to log in as registered users by exploiting a flaw in email address verification.

Product: Unknown. Workreap WordPress plugin

Active Installations: Update to version 3.3.2, or a newer patched version.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4973

NVD References: 

- https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454#item-description__release-3-3-2-23-may-2025

- https://www.wordfence.com/threat-intel/vulnerabilities/id/8e7693a3-642a-4eff-902c-d29a3c12deb0?source=cve

CVE-2025-5288 - The REST API | Custom API Generator for WordPress plugin is vulnerable to Privilege Escalation, allowing unauthenticated attackers to create new Admin users.

Product: WordPress REST API | Custom API Generator

Active Installations: This plugin has been closed as of June 11, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5288

NVD References: 

- https://plugins.trac.wordpress.org/browser/import-export-with-custom-rest-api/tags/2.0.3/backend/methods/wot-rapi-import-functions.php#L123

- https://wordpress.org/plugins/import-export-with-custom-rest-api/#developers

- https://www.wordfence.com/threat-intel/vulnerabilities/id/0e2774fc-f028-436c-a8af-3c17378b9743?source=cve

CVE-2025-6065 - The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion, allowing unauthenticated attackers to delete files on the server and potentially execute remote code.

Product: WordPress Image Resizer On The Fly plugin

Active Installations: This plugin has been closed as of June 13, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6065

NVD References: 

- https://plugins.trac.wordpress.org/browser/image-resizer-on-the-fly/trunk/image-resizer-on-the-fly.php#L25

- https://wordpress.org/plugins/image-resizer-on-the-fly/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/14877ff6-e393-41a3-91c1-fe7f477297cc?source=cve

CVE-2025-24773 - WPCRM - CRM for Contact Form CF7 & WooCommerce from n/a through 3.2.0 is vulnerable to SQL Injection.

Product: Mojoomla WPCRM - CRM for Contact Form CF7 & WooCommerce

Active Installations: 300+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24773

NVD References: https://patchstack.com/database/wordpress/plugin/wpcrm/vulnerability/wordpress-wpcrm-crm-for-contact-form-cf7-woocommerce-3-2-0-sql-injection-vulnerability?_s_id=cve

CVE-2025-47573 - Mojoomla School Management is vulnerable to Blind SQL Injection due to improper neutralization of special elements in SQL commands.

Product: Mojoomla School Management

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47573

NVD References: https://patchstack.com/database/wordpress/plugin/school-management/vulnerability/wordpress-school-management-system-plugin-92-0-0-sql-injection-vulnerability?_s_id=cve

CVE-2025-30618 - Rapyd Payment Extension for WooCommerce is vulnerable to Deserialization of Untrusted Data, allowing Object Injection from version n/a through 1.2.0.

Product: Rapyd Payment Extension for WooCommerce

Active Installations: 500+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30618

NVD References: https://patchstack.com/database/wordpress/plugin/rapyd-payments/vulnerability/wordpress-rapyd-payment-extension-for-woocommerce-1-1-9-php-object-injection-vulnerability?_s_id=cve

CVE-2025-31919 - Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.

Product: themeton Spare

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31919

NVD References: https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-spare-1-7-php-object-injection-vulnerability?_s_id=cve

CVE-2025-32510 - Ovatheme Events Manager allows malicious files to be uploaded due to an unrestricted file type vulnerability.

Product: Ovatheme Events Manager

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32510

NVD References: https://patchstack.com/database/wordpress/plugin/ova-events-manager/vulnerability/wordpress-ovatheme-events-manager-plugin-1-7-5-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2025-39479 - smartiolabs Smart Notification is vulnerable to Blind SQL Injection, impacting versions from n/a through 10.3.

Product: smartiolabs Smart Notification

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39479

NVD References: https://patchstack.com/database/wordpress/plugin/smio-push-notification/vulnerability/wordpress-smart-notification-plugin-10-3-sql-injection-vulnerability?_s_id=cve

CVE-2025-47452 - RexTheme WP VR allows unrestricted upload of dangerous file types, potentially enabling the upload of a web shell to a web server, affecting versions up to 8.5.26.

Product: RexTheme WP VR

Active Installations: unknown

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47452

NVD References: https://patchstack.com/database/wordpress/plugin/wpvr/vulnerability/wordpress-wp-vr-8-5-26-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2025-47559 - MapSVG allows unrestricted upload of dangerous file types, potentially enabling the upload of a web shell to a web server.

Product: RomanCode MapSVG

Active Installations: 900+

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47559

NVD References: https://patchstack.com/database/wordpress/plugin/mapsvg/vulnerability/wordpress-mapsvg-plugin-8-5-32-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2025-48274 - WP Job Portal is vulnerable to Blind SQL Injection from versions n/a through 2.3.2.

Product: WP Job Portal wpjobportal

Active Installations: 8,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48274

NVD References: https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve

CVE-2025-49071 - NasaTheme Flozen allows uploading of a dangerous file type, allowing attackers to upload a web shell to a web server.

Product: NasaTheme Flozen

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49071

NVD References: https://patchstack.com/database/wordpress/theme/flozen-theme/vulnerability/wordpress-flozen-1-5-1-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2025-49330 - Integration for Contact Form 7 and Zoho CRM, Bigin is vulnerable to object injection due to deserialization of untrusted data.

Product: CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin

Active Installations: 3,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49330

NVD References: https://patchstack.com/database/wordpress/plugin/cf7-zoho/vulnerability/wordpress-integration-for-contact-form-7-and-zoho-crm-bigin-1-3-0-php-object-injection-vulnerability?_s_id=cve

CVE-2025-49444 - Merkulove Reformer for Elementor allows uploading dangerous file types, potentially enabling the upload of a web shell to a web server.

Product: Merkulove Reformer for Elementor

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49444

NVD References: https://patchstack.com/database/wordpress/plugin/reformer-elementor/vulnerability/wordpress-reformer-for-elementor-1-0-5-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2025-49447 - FW Food Menu in Fastw3b LLC allows attackers to upload dangerous files, impacting versions from n/a to 6.0.0.

Product: Fastw3b LLC FW Food Menu

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49447

NVD References: https://patchstack.com/database/wordpress/plugin/fw-food-menu/vulnerability/wordpress-fw-food-menu-6-0-0-arbitrary-file-upload-vulnerability?_s_id=cve

The following vulnerability needs a manual review:

CVE-2025-47188 - Mitel 6800 Series, 6900 Series and 6900w Series SIP Phones, including 6970 Conference Unit Command Injection and Unauthenticated File Upload Vulnerabilities

Product: Mitel 6800 Series, 6900 Series and 6900w Series SIP Phones 

CVSS Score: critical

NVD: N/A

ISC Podcast: https://isc.sans.edu/podcastdetail/9496

References: https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0004

Product: Trend Micro Apex Central

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49219

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49220

NVD References: 

- https://success.trendmicro.com/en-US/solution/KA-0019926

- https://www.zerodayinitiative.com/advisories/ZDI-25-366/

- https://www.zerodayinitiative.com/advisories/ZDI-25-367/

Product: Trend Micro Endpoint Encryption PolicyServer

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49212

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49213

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49217

NVD References: 

- https://success.trendmicro.com/en-US/solution/KA-0019928

- https://www.zerodayinitiative.com/advisories/ZDI-25-369/

- https://www.zerodayinitiative.com/advisories/ZDI-25-370/

- https://www.zerodayinitiative.com/advisories/ZDI-25-374/

Product: Trend Micro Endpoint Encryption PolicyServer

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49216

NVD References: 

- https://success.trendmicro.com/en-US/solution/KA-0019928

- https://www.zerodayinitiative.com/advisories/ZDI-25-373/

Product: Teleport Community Edition

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49825

NVD References: https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpc

Product: Unknown. Workreap WordPress plugin

Active Installations: Update to version 3.3.2, or a newer patched version.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4973

NVD References: 

- https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454#item-description__release-3-3-2-23-may-2025

- https://www.wordfence.com/threat-intel/vulnerabilities/id/8e7693a3-642a-4eff-902c-d29a3c12deb0?source=cve

Product: WordPress REST API | Custom API Generator

Active Installations: This plugin has been closed as of June 11, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5288

NVD References: 

- https://plugins.trac.wordpress.org/browser/import-export-with-custom-rest-api/tags/2.0.3/backend/methods/wot-rapi-import-functions.php#L123

- https://wordpress.org/plugins/import-export-with-custom-rest-api/#developers

- https://www.wordfence.com/threat-intel/vulnerabilities/id/0e2774fc-f028-436c-a8af-3c17378b9743?source=cve

Product: WordPress Image Resizer On The Fly plugin

Active Installations: This plugin has been closed as of June 13, 2025 and is not available for download. This closure is temporary, pending a full review.

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6065

NVD References: 

- https://plugins.trac.wordpress.org/browser/image-resizer-on-the-fly/trunk/image-resizer-on-the-fly.php#L25

- https://wordpress.org/plugins/image-resizer-on-the-fly/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/14877ff6-e393-41a3-91c1-fe7f477297cc?source=cve

Product: Mojoomla WPCRM - CRM for Contact Form CF7 & WooCommerce

Active Installations: 300+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24773

NVD References: https://patchstack.com/database/wordpress/plugin/wpcrm/vulnerability/wordpress-wpcrm-crm-for-contact-form-cf7-woocommerce-3-2-0-sql-injection-vulnerability?_s_id=cve

Product: Mojoomla School Management

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47573

NVD References: https://patchstack.com/database/wordpress/plugin/school-management/vulnerability/wordpress-school-management-system-plugin-92-0-0-sql-injection-vulnerability?_s_id=cve

Product: Rapyd Payment Extension for WooCommerce

Active Installations: 500+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30618

NVD References: https://patchstack.com/database/wordpress/plugin/rapyd-payments/vulnerability/wordpress-rapyd-payment-extension-for-woocommerce-1-1-9-php-object-injection-vulnerability?_s_id=cve

Product: themeton Spare

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31919

NVD References: https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-spare-1-7-php-object-injection-vulnerability?_s_id=cve

Product: Ovatheme Events Manager

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32510

NVD References: https://patchstack.com/database/wordpress/plugin/ova-events-manager/vulnerability/wordpress-ovatheme-events-manager-plugin-1-7-5-arbitrary-file-upload-vulnerability?_s_id=cve

Product: smartiolabs Smart Notification

Active Installations: unknown

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39479

NVD References: https://patchstack.com/database/wordpress/plugin/smio-push-notification/vulnerability/wordpress-smart-notification-plugin-10-3-sql-injection-vulnerability?_s_id=cve

Product: RexTheme WP VR

Active Installations: unknown

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47452

NVD References: https://patchstack.com/database/wordpress/plugin/wpvr/vulnerability/wordpress-wp-vr-8-5-26-arbitrary-file-upload-vulnerability?_s_id=cve

Product: RomanCode MapSVG

Active Installations: 900+

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47559

NVD References: https://patchstack.com/database/wordpress/plugin/mapsvg/vulnerability/wordpress-mapsvg-plugin-8-5-32-arbitrary-file-upload-vulnerability?_s_id=cve

Product: WP Job Portal wpjobportal

Active Installations: 8,000+

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48274

NVD References: https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve

Product: NasaTheme Flozen

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49071

NVD References: https://patchstack.com/database/wordpress/theme/flozen-theme/vulnerability/wordpress-flozen-1-5-1-arbitrary-file-upload-vulnerability?_s_id=cve

Product: CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin

Active Installations: 3,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49330

NVD References: https://patchstack.com/database/wordpress/plugin/cf7-zoho/vulnerability/wordpress-integration-for-contact-form-7-and-zoho-crm-bigin-1-3-0-php-object-injection-vulnerability?_s_id=cve

Product: Merkulove Reformer for Elementor

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49444

NVD References: https://patchstack.com/database/wordpress/plugin/reformer-elementor/vulnerability/wordpress-reformer-for-elementor-1-0-5-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Fastw3b LLC FW Food Menu

Active Installations: unknown

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49447

NVD References: https://patchstack.com/database/wordpress/plugin/fw-food-menu/vulnerability/wordpress-fw-food-menu-6-0-0-arbitrary-file-upload-vulnerability?_s_id=cve

The following vulnerability needs a manual review:

Product: Mitel 6800 Series, 6900 Series and 6900w Series SIP Phones 

CVSS Score: critical

NVD: N/A

ISC Podcast: https://isc.sans.edu/podcastdetail/9496

References: https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0004