SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
VOLUME 25ISSUE 9
The Consensus Security Vulnerability Alert
Internet Storm Center Spotlight
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Njrat Campaign Using Microsoft Dev Tunnels
Published: 2025-02-27
Last Updated: 2025-02-27 08:54:32 UTC
by Xavier Mertens (Version: 1)
I spotted new Njrat samples that (ab)use the Microsoft dev tunnels service to connect to their C2 servers. This is a service that allows developers to expose local services to the Internet securely for testing, debugging, and collaboration. It provides temporary, public, or private URLs that will enable remote access to a development environment without deploying code to production. Dev tunnels create a secure, temporary URL that maps to a local service running on your machine, they work across firewalls and NAT, and their access can be restricted. This is a service similar to the good old ngrok.
Here are two samples ...
They use different dev tunnel URLs but their ImpHash (Import Hash) is the same ...
This is the code where the malware will send its status to the C2 server ...
Read the full entry: https://isc.sans.edu/diary/Njrat+Campaign+Using+Microsoft+Dev+Tunnels/31724/
Mark of the Web: Some Technical Details
Published: 2025-03-03
Last Updated: 2025-03-03 10:29:03 UTC
by Didier Stevens (Version: 1)
The Mark of the Web (MoTW) is file metadata in Windows that marks a file that was obtained from an untrusted source.
When a file is downloaded from the Internet, browsers will not only write the file to disk, but also include metadata with the origin of the file. This also applies when an email attachment is saved to disk with Outlook.
This metadata (MoTW) is used by several applications to activate extra precautions when a file from an untrusted source is opened. For exampe, Microsoft Office will open a document downloaded from the Internet in Protected View (indicated by the yellow banner), SmartScreen will prompt you before a file is launched, ...
The metadata/MoTW is stored in an Alternate Data Stream on NTFS disks. The name of this ADS is Zone.Identifier.
You can view this with Notepad, for example. Say that you downloaded a file from the Internet called invoice.docx, then you can view the MoTW with this command ...
Read the full entry: https://isc.sans.edu/diary/Mark+of+the+Web+Some+Technical+Details/31732/
Romanian Distillery Scanning for SMTP Credentials
Published: 2025-03-04
Last Updated: 2025-03-04 15:53:21 UTC
by Johannes Ullrich (Version: 1)
Lately, attackers have gotten more creative and aggressive in trying to find various credential files on exposed web servers. Our "First Seen" page each day shows many new versions of scans for secrets files like ".env".
Yesterday, I noted a couple of requests that stuck out a bit ...
The same attacker scanned for variations ...
Read the full entry: https://isc.sans.edu/diary/Romanian+Distillery+Scanning+for+SMTP+Credentials/31736/
Internet Storm Center Entries
Tool update: mac-robber.py (2025.03.04)
https://isc.sans.edu/diary/Tool+update+macrobberpy/31738/
Wireshark 4.4.5 Released (2025.03.02)
https://isc.sans.edu/diary/Wireshark+445+Released/31728/
[Guest Diary] Malware Source Servers: The Threat of Attackers Using Ephemeral Ports as Service Ports to Upload Data (2025.02.26)
Recent CVEs
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
CVE-2025-1723 - Zohocorp ManageEngine ADSelfService Plus versions 6510 and below allows valid account holders to potentially exploit a session mishandling vulnerability for account takeover.
Product: ManageEngine ADSelfService Plus
CVSS Score: 8.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1723
ISC Podcast: https://isc.sans.edu/podcastdetail/9350
NVD References: https://www.manageengine.com/products/self-service-password/advisory/CVE-2025-1723.html
CVE-2025-22224 - VMware ESXi and Workstation are vulnerable to a TOCTOU issue that allows a local admin on a virtual machine to execute code on the host.
Product: VMware ESXi
CVSS Score: 9.3
** KEV since 2025-03-04 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22224
NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
CVE-2025-22225 - VMware ESXi is vulnerable to an arbitrary write exploit that could allow a malicious actor to escape the sandbox.
Product: VMware ESXi
CVSS Score: 8.2
** KEV since 2025-03-04 **
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22225
NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
CVE-2025-22226 - VMware ESXi, Workstation, and Fusion are vulnerable to an information disclosure flaw in HGFS, allowing an attacker with admin privileges to extract memory from the vmx process.
Product: VMware ESXiCVSS Score: 7.1** KEV since 2025-03-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22226NVD References: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390CVE-2023-34192 - Zimbra ZCS v.8.8.15 is vulnerable to cross-site scripting, enabling remote authenticated attackers to execute arbitrary code by manipulating a script in the /h/autoSaveDraft function.Product: Zimbra Collaboration 8.8.15CVSS Score: 0** KEV since 2025-02-25 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34192CVE-2023-25574 - `jupyterhub-ltiauthenticator` version 1.3.0 allows unauthorized forged requests due to lack of JWT signature validation in LTI13Authenticator.Product: JupyterHub jupyterhub-ltiauthenticatorCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25574NVD References: - https://github.com/jupyterhub/ltiauthenticator/blob/3feec2e81b9d3b0ad6b58ab4226af640833039f3/ltiauthenticator/lti13/validator.py#L122-L164- https://github.com/jupyterhub/ltiauthenticator/blob/main/CHANGELOG.md#140---2023-03-01- https://github.com/jupyterhub/ltiauthenticator/security/advisories/GHSA-mcgx-2gcr-p3hpCVE-2025-25516, CVE-2025-25517, CVE-2025-25519, CVE-2025-25520, CVE-2025-25521 - SeaCMS <=13.3 is vulnerable to SQL Injection.Product: SeaCMSCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25516NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25517NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25519NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25520NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25521NVD References: - https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-2.md- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-7.md- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-8.md- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-4.md- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-3.mdCVE-2024-47051 - Mautic versions before 5.2.3 have critical vulnerabilities that allow authenticated users to execute remote code and delete files on the host system.Product: MauticCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-47051NVD References: - https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2- https://owasp.org/www-community/attacks/Code_Injection- https://owasp.org/www-community/attacks/Path_TraversalCVE-2025-25783 - Emlog Pro v2.5.3 is vulnerable to arbitrary file uploads in admin\plugin.php, enabling attackers to execute malicious code by uploading a specially crafted Zip file.Product: Emlog ProCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25783NVD References: - http://emlogpro.com- https://github.com/Ka7arotto/emlog/blob/main/emlog-3.md- https://www.emlog.net/- https://github.com/Ka7arotto/emlog/blob/main/emlog-3.mdCVE-2024-50685, CVE-2024-50686, CVE-2024-50687, CVE-2024-50689, CVE-2024-50693 - SunGrow iSolarCloud is vulnerable to insecure direct object references (IDOR).Product: SunGrow iSolarCloudCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50685NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50686NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50687NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50689NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50693NVD References: - https://en.sungrowpower.com/security-notice-detail-2/6118- https://en.sungrowpower.com/security-notice-detail-2/6112- https://en.sungrowpower.com/security-notice-detail-2/6114- https://en.sungrowpower.com/security-notice-detail-2/6116- https://en.sungrowpower.com/security-notice-detail-2/6120CVE-2024-50688 - SunGrow iSolarCloud Android application V2.1.6.20241017 and prior stores hardcoded credentials, sharing the same MQTT details for device telemetry across all user accounts and cloud interactions.Product: SunGrow iSolarCloud Android applicationCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50688NVD References: https://en.sungrowpower.com/security-notice-detail-2/6122CVE-2024-53573 - Unifiedtransform v2.X is vulnerable to Incorrect Access Control, allowing unauthorized users to access and manipulate administrative endpoints such as teacher/edit/{id}.Product: Unifiedtransform v2.XCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53573NVD References: - https://drive.google.com/file/d/14Or6QIpOeLEqdFm1mwxdE_NNCOwMmcFc/view- https://www.getastra.com/blog/vulnerability/improper-access-control-in-school-management-system-unifiedtransform/- https://drive.google.com/file/d/14Or6QIpOeLEqdFm1mwxdE_NNCOwMmcFc/viewCVE-2024-57040 - TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 have a hardcoded password for the root account vulnerable to brute force attacks.Product: TP-Link TL-WR845NCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57040NVD References: https://security.iiita.ac.in/iot/hashed_password.pdfCVE-2025-1751 - Ciges 2.15.5 from ATISoluciones is vulnerable to SQL I…
CVE-2023-25574 - `jupyterhub-ltiauthenticator` version 1.3.0 allows unauthorized forged requests due to lack of JWT signature validation in LTI13Authenticator.
Product: JupyterHub jupyterhub-ltiauthenticator
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25574
NVD References:
- https://github.com/jupyterhub/ltiauthenticator/blob/main/CHANGELOG.md#140---2023-03-01
- https://github.com/jupyterhub/ltiauthenticator/security/advisories/GHSA-mcgx-2gcr-p3hp
CVE-2025-25516, CVE-2025-25517, CVE-2025-25519, CVE-2025-25520, CVE-2025-25521 - SeaCMS <=13.3 is vulnerable to SQL Injection.
Product: SeaCMS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25516
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25517
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25519
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25520
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25521
NVD References:
- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-2.md
- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-7.md
- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-8.md
- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-4.md
- https://github.com/Colorado-all/cve/blob/main/seacms/seacms%20V13.3-sql-3.md
CVE-2024-47051 - Mautic versions before 5.2.3 have critical vulnerabilities that allow authenticated users to execute remote code and delete files on the host system.
Product: Mautic
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-47051
NVD References:
- https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2
CVE-2025-25783 - Emlog Pro v2.5.3 is vulnerable to arbitrary file uploads in admin\plugin.php, enabling attackers to execute malicious code by uploading a specially crafted Zip file.
Product: Emlog Pro
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25783
NVD References:
CVE-2024-50685, CVE-2024-50686, CVE-2024-50687, CVE-2024-50689, CVE-2024-50693 - SunGrow iSolarCloud is vulnerable to insecure direct object references (IDOR).
Product: SunGrow iSolarCloud
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50685
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50686
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50687
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50689
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50693
NVD References:
- https://en.sungrowpower.com/security-notice-detail-2/6118
- https://en.sungrowpower.com/security-notice-detail-2/6112
- https://en.sungrowpower.com/security-notice-detail-2/6114
CVE-2024-50688 - SunGrow iSolarCloud Android application V2.1.6.20241017 and prior stores hardcoded credentials, sharing the same MQTT details for device telemetry across all user accounts and cloud interactions.
Product: SunGrow iSolarCloud Android application
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50688
NVD References: https://en.sungrowpower.com/security-notice-detail-2/6122
CVE-2024-53573 - Unifiedtransform v2.X is vulnerable to Incorrect Access Control, allowing unauthorized users to access and manipulate administrative endpoints such as teacher/edit/{id}.
Product: Unifiedtransform v2.X
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53573
NVD References:
- https://drive.google.com/file/d/14Or6QIpOeLEqdFm1mwxdE_NNCOwMmcFc/view
- https://drive.google.com/file/d/14Or6QIpOeLEqdFm1mwxdE_NNCOwMmcFc/view
CVE-2024-57040 - TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 have a hardcoded password for the root account vulnerable to brute force attacks.
Product: TP-Link TL-WR845N
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-57040
NVD References: https://security.iiita.ac.in/iot/hashed_password.pdf
CVE-2025-1751 - Ciges 2.15.5 from ATISoluciones is vulnerable to SQL Injection, allowing attackers to manipulate the database via the $idServicio parameter in /modules/ajaxBloqueaCita.php endpoint.
Product: ATISoluciones Ciges
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1751
NVD References: https://www.atisoluciones.com/incidentes-cve
CVE-2024-13148 - Yukseloglu Filter B2B Login Platform is vulnerable to SQL Injection before 16.01.2025.
Product: Yukseloglu Filter B2B Login Platform
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-13148
NVD References: https://www.usom.gov.tr/bildirim/tr-25-0045
CVE-2024-53944 - Tuoshi/Dionlink LT15D and LT21B 4G Wi-Fi devices are vulnerable to command injection, allowing unauthenticated attackers to execute arbitrary OS commands with root privileges via the /goform/formJsonAjaxReq endpoint.
Product: Tuoshi DionlinkCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53944NVD References: - http://www.tuoshi.net/productview.asp?id=218- http://www.tuoshi.net/productview.asp?id=226- https://github.com/actuator/cve/blob/main/Tuoshi/CVE-2024-53944-Whitepaper.pdf- https://github.com/actuator/cve/blob/main/Tuoshi/CVE-2024-53944.txt- https://github.com/actuator/cve/blob/main/Tuoshi/Firmware-M7628NNxISPv2xUI_v1.0.1802.10.08_P4-Blind-CMD-Injection-unauth-WAN.gif- https://github.com/actuator/cve/blob/main/Tuoshi/CVE-2024-53944-Whitepaper.pdfCVE-2025-22952 - Elestio memos v0.23.0 is susceptible to Server-Side Request Forgery (SSRF) through inadequate validation of user-provided URLs, enabling potential attacks.Product: Elestio memosCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22952NVD References: - https://elest.io/open-source/memos- https://github.com/usememos/memos- https://github.com/usememos/memos/issues/4413- https://github.com/usememos/memos/pull/4428- https://github.com/usememos/memos/issues/4413CVE-2024-41334 - Draytek devices Vigor 165/166, Vigor 2620/LTE200, Vigor 2860/2925, Vigor 2862/2926, Vigor 2133/2762/2832, Vigor 2135/2765/2766, Vigor 2865/2866/2927, Vigor 2962/3910, Vigor 3912, and Vigor 2925 up to v3.9.6 have a vulnerability that allows attackers to upload malicious modules from non-official servers and execute arbitrary code due to a lack of certificate verification.Product: Draytek VigorCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41334NVD References: - http://draytek.com- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946CVE-2024-41339 - Draytek devices Vigor 165/166, Vigor 2620/LTE200, Vigor 2860/2925, Vigor 2862/2926, Vigor 2133/2762/2832, Vigor 2135/2765/2766, Vigor 2865/2866/2927, Vigor 2962/3910, Vigor 3912, and Vigor 2925 are vulnerable to a CGI endpoint issue allowing attackers to upload a crafted kernel module for arbitrary code execution.Product: Draytek VigorCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41339NVD References: - http://draytek.com - https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946CVE-2024-51138 - Vigor routers and devices are vulnerable to a stack-based buffer overflow in the URL parsing functionality of the TR069 STUN server, allowing remote attackers to execute arbitrary code with elevated privileges.Product: DrayTek Vigor Product SeriesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-51138NVD References: - http://draytek.com- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946CVE-2024-51139 - Vigor2620/LTE200, Vigor2860/2925, Vigor2862/2926, Vigor2133/2762/2832, Vigor165/166, Vigor2135/2765/2766, Vigor2865/2866/2927, Vigor2962/3910, and Vigor3912 are vulnerable to remote code execution via the CGI parser's handling of the "Content-Length" header of HTTP POST requests.Product: DrayTek Vigor2620/LTE200CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-51139NVD References: - http://draytek.com- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946CVE-2024-55160 - GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list.Product: GFastCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-55160NVD References: - http://gfast.com- https://github.com/SuperDu1/CVE/issues/2- https://github.com/tiger1103/gfast/blob/os-v3.2/api/v1/system/sys_oper_log.go#L35- https://github.com/tiger1103/gfast/blob/os-v3.2/internal/app/system/logic/sysOperLog/sys_oper_log.go#L121- https://github.com/tiger1103/gfast/tree/os-v3.2- https://github.com/SuperDu1/CVE/issues/2CVE-2024-38292 - In XIQ-SE before 24.2.11, a missing access control check allows for path traversal and potential privilege escalation.Product: Xerox XIQ-SECVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38292NVD References: https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2024-104-xiq-se-path-traversal-privilege-escalation-cve-2024/ba-p/116362CVE-2025-25570 - Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.Product: Vue Vben AdminCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25570NVD References: https://github.com/Hackerhan/Vben-AdminCVE-2025-26325 - ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php.Product: ShopXOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26325NVD References: - https://github.com/gongfuxiang/shopxo/issues/86- https://github.com/gongfuxiang/shopxo/issues/86CVE-2024-36046 - Infoblox NIOS through 8.6.4 executes with more privileges than required.Product: Infoblox NIOSCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36046NVD References: https://support.infoblox.com/s/article/000010390CVE-2024-36047 - In…
CVE-2024-53944 - Whitepaper.pdf
CVE-2025-22952 - Elestio memos v0.23.0 is susceptible to Server-Side Request Forgery (SSRF) through inadequate validation of user-provided URLs, enabling potential attacks.
Product: Elestio memos
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-22952
NVD References:
- https://elest.io/open-source/memos
- https://github.com/usememos/memos
- https://github.com/usememos/memos/issues/4413
CVE-2024-41334 - Draytek devices Vigor 165/166, Vigor 2620/LTE200, Vigor 2860/2925, Vigor 2862/2926, Vigor 2133/2762/2832, Vigor 2135/2765/2766, Vigor 2865/2866/2927, Vigor 2962/3910, Vigor 3912, and Vigor 2925 up to v3.9.6 have a vulnerability that allows attackers to upload malicious modules from non-official servers and execute arbitrary code due to a lack of certificate verification.
Product: Draytek Vigor
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41334
NVD References:
- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946
CVE-2024-41339 - Draytek devices Vigor 165/166, Vigor 2620/LTE200, Vigor 2860/2925, Vigor 2862/2926, Vigor 2133/2762/2832, Vigor 2135/2765/2766, Vigor 2865/2866/2927, Vigor 2962/3910, Vigor 3912, and Vigor 2925 are vulnerable to a CGI endpoint issue allowing attackers to upload a crafted kernel module for arbitrary code execution.
Product: Draytek Vigor
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41339
NVD References:
- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946
CVE-2024-51138 - Vigor routers and devices are vulnerable to a stack-based buffer overflow in the URL parsing functionality of the TR069 STUN server, allowing remote attackers to execute arbitrary code with elevated privileges.
Product: DrayTek Vigor Product Series
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-51138
NVD References:
- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946
CVE-2024-51139 - Vigor2620/LTE200, Vigor2860/2925, Vigor2862/2926, Vigor2133/2762/2832, Vigor165/166, Vigor2135/2765/2766, Vigor2865/2866/2927, Vigor2962/3910, and Vigor3912 are vulnerable to remote code execution via the CGI parser's handling of the "Content-Length" header of HTTP POST requests.
Product: DrayTek Vigor2620/LTE200
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-51139
NVD References:
- https://medium.com/faraday/advisory-multiple-vulnerabilities-affecting-draytek-routers-78a6cb8b3946
CVE-2024-55160 - GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list.
Product: GFast
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-55160
NVD References:
- https://github.com/SuperDu1/CVE/issues/2
- https://github.com/tiger1103/gfast/blob/os-v3.2/api/v1/system/sys_oper_log.go#L35
CVE-2024-38292 - In XIQ-SE before 24.2.11, a missing access control check allows for path traversal and potential privilege escalation.
CVE-2025-25570 - Vue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.
Product: Vue Vben Admin
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25570
NVD References: https://github.com/Hackerhan/Vben-Admin
CVE-2025-26325 - ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php.
Product: ShopXO
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26325
NVD References:
CVE-2024-36046 - Infoblox NIOS through 8.6.4 executes with more privileges than required.
Product: Infoblox NIOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36046
NVD References: https://support.infoblox.com/s/article/000010390
CVE-2024-36047 - Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.
Product: Infoblox NIOS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-36047
NVD References: https://support.infoblox.com/s/article/000010391
CVE-2024-37566 & CVE-2024-37567 - Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.
Product: Infoblox NIOS
CVSS Scores: 9.1 - 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37566
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37567
NVD References:
CVE-2025-0159 - IBM FlashSystem is vulnerable to a remote attacker bypassing RPCAdapter endpoint authentication through a specifically crafted HTTP request.
Product: IBM Storage Virtualize
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0159
NVD References: https://www.ibm.com/support/pages/node/7184182
CVE-2025-25379 - 07FLYCMS v.1.3.9 is vulnerable to Cross Site Request Forgery, enabling remote attackers to execute arbitrary code via the id parameter in del.html.
Product: 07FLYCMS v.1.3.9
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25379
NVD References:
- https://github.com/R2og/Sun-jialiang/tree/main/9/readme.md
- https://github.com/R2og/Sun-jialiang/tree/main/9/readme.md
CVE-2025-27554 - ToDesktop before 2024-10-03, vulnerabilities allow remote attackers to execute arbitrary commands on the build server and deploy updates to any app via a postinstall script in package.json.
Product: Cursor ToDesktop
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27554
NVD References:
- https://kibty.town/blog/todesktop
- https://news.ycombinator.com/item?id=43210858
- https://www.todesktop.com/blog/posts/security-incident-at-todesktop
CVE-2025-20646 - Wlan AP FW is vulnerable to an out of bounds write exploit allowing for remote privilege escalation without user interaction, patched under WCNCR00389074 and identified as MSV-1803.
Product: wlan AP FW Qualcomm
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-20646
NVD References: https://corp.mediatek.com/product-security-bulletin/March-2025
CVE-2025-27590 - Oxidized-web before version 0.15.0 allows unauthenticated users to take control of the Linux user account.
Product: Oxidized-webCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27590NVD References: - https://github.com/ytti/oxidized-web/commit/a5220a0ddc57b85cd122bffee228d3ed4901668e- https://github.com/ytti/oxidized-web/releases/tag/0.15.0CVE-2024-55532 - Apache Ranger in versions prior to 2.6.0 is vulnerable to improper neutralization of formula elements in its Export CSV feature.Product: Apache RangerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-55532NVD References: - https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger- http://www.openwall.com/lists/oss-security/2025/03/03/2CVE-2025-26206 - Sell done storefront v.1.0 is vulnerable to Cross Site Request Forgery, allowing remote attackers to escalate privileges through the index.html component.Product: Sell done storefrontCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26206NVD References: - https://github.com/selldone/storefront/blob/main/index.html- https://github.com/xibhi/CVE-2025-26206CVE-2024-48248 - NAKIVO Backup & Replication before 11.0.0.88174 is vulnerable to absolute path traversal, allowing remote code execution via getImageByPath to /c/router due to cleartext credentials in PhysicalDiscovery.Product: NAKIVO Backup & ReplicationCVSS Score: 8.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48248ISC Podcast: https://isc.sans.edu/podcastdetail/9342NVD References: - https://helpcenter.nakivo.com/Release-Notes/Content/Release-Notes.htm- https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/- https://github.com/watchtowrlabs/nakivo-arbitrary-file-read-poc-CVE-2024-48248/?ref=labs.watchtowr.comCVE-2025-1932 - Firefox and Thunderbird versions below 136/128.8 are vulnerable to potentially exploitable out-of-bounds access due to an inconsistent comparator in xslt/txNodeSorter after version 122.Product: Mozilla FirefoxCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1932NVD References: - https://bugzilla.mozilla.org/show_bug.cgi?id=1944313- https://www.mozilla.org/security/advisories/mfsa2025-14/- https://www.mozilla.org/security/advisories/mfsa2025-16/- https://www.mozilla.org/security/advisories/mfsa2025-17/- https://www.mozilla.org/security/advisories/mfsa2025-18/CVE-2025-1941 - Firefox < 136 allows for potential bypass of authentication in certain user opt-in settings for Focus.Product: Mozilla Firefox CVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1941NVD References: - https://bugzilla.mozilla.org/show_bug.cgi?id=1944665- https://www.mozilla.org/security/advisories/mfsa2025-14/CVE-2024-50706 - Uniguest Tripleplay before 24.2.1 is vulnerable to unauthenticated SQL injection, enabling remote attackers to execute unauthorized SQL queries on the backend database.Product: Uniguest TripleplayCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50706NVD References: - https://uniguest.com/cve-bulletins/- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50706-Vulnerability-Summary.pdfCVE-2024-50704 & CVE-2024-50707 - Uniguest Tripleplay before version 24.2.1 is vulnerable to unauthenticated remote code execution via specially crafted HTTP POST and HTTP GET requests.Product: Uniguest TripleplayCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50704NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50707NVD References: - https://uniguest.com/cve-bulletins/- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50704-Vulnerability-Summary.pdf- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50707-Vulnerability-Summary.pdfCVE-2025-27507 - ZITADEL's Admin API in versions prior to 2.71.0 contains IDOR vulnerabilities that could allow unauthorized users to modify sensitive settings, particularly affecting LDAP configurations.Product: ZitadelCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27507NVD References: - https://github.com/zitadel/zitadel/commit/d9d8339813f1c43d3eb7d8d80f11fdabb2fd2ee4- https://github.com/zitadel/zitadel/security/advisories/GHSA-f3gh-529w-v32xCVE-2025-1260 - Arista EOS with OpenConfig configured allows for unauthorized gNOI requests, potentially leading to unexpected switch configuration changes.Product: Arista Networks Arista EOSCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1260NVD References: https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.Product: Edimax IC-7100CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.Product: GMOD ApolloCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410NVD References: ht…
CVE-2025-26206 - Sell done storefront v.1.0 is vulnerable to Cross Site Request Forgery, allowing remote attackers to escalate privileges through the index.html component.
Product: Sell done storefront
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26206
NVD References:
- https://github.com/selldone/storefront/blob/main/index.html
CVE-2024-48248 - NAKIVO Backup & Replication before 11.0.0.88174 is vulnerable to absolute path traversal, allowing remote code execution via getImageByPath to /c/router due to cleartext credentials in PhysicalDiscovery.
Product: NAKIVO Backup & Replication
CVSS Score: 8.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-48248
ISC Podcast: https://isc.sans.edu/podcastdetail/9342
NVD References:
- https://helpcenter.nakivo.com/Release-Notes/Content/Release-Notes.htm
CVE-2025-1932 - Firefox and Thunderbird versions below 136/128.8 are vulnerable to potentially exploitable out-of-bounds access due to an inconsistent comparator in xslt/txNodeSorter after version 122.
Product: Mozilla Firefox
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1932
NVD References:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1944313
- https://www.mozilla.org/security/advisories/mfsa2025-14/
- https://www.mozilla.org/security/advisories/mfsa2025-16/
CVE-2025-1941 - Firefox < 136 allows for potential bypass of authentication in certain user opt-in settings for Focus.
Product: Mozilla Firefox
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1941
NVD References:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1944665
- https://www.mozilla.org/security/advisories/mfsa2025-14/
CVE-2024-50706 - Uniguest Tripleplay before 24.2.1 is vulnerable to unauthenticated SQL injection, enabling remote attackers to execute unauthorized SQL queries on the backend database.
Product: Uniguest Tripleplay
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50706
NVD References:
- https://uniguest.com/cve-bulletins/
- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50706-Vulnerability-Summary.pdf
CVE-2024-50704 & CVE-2024-50707 - Uniguest Tripleplay before version 24.2.1 is vulnerable to unauthenticated remote code execution via specially crafted HTTP POST and HTTP GET requests.
Product: Uniguest Tripleplay
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50704
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50707
NVD References:
- https://uniguest.com/cve-bulletins/
- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50704-Vulnerability-Summary.pdf
- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50707-Vulnerability-Summary.pdf
CVE-2025-27507 - ZITADEL's Admin API in versions prior to 2.71.0 contains IDOR vulnerabilities that could allow unauthorized users to modify sensitive settings, particularly affecting LDAP configurations.
Product: Zitadel
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27507
NVD References:
- https://github.com/zitadel/zitadel/commit/d9d8339813f1c43d3eb7d8d80f11fdabb2fd2ee4
- https://github.com/zitadel/zitadel/security/advisories/GHSA-f3gh-529w-v32x
CVE-2025-1260 - Arista EOS with OpenConfig configured allows for unauthorized gNOI requests, potentially leading to unexpected switch configuration changes.
Product: Arista Networks Arista EOS
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1260
NVD References: https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111
CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.
Product: Edimax IC-7100
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.
Product: GMOD Apollo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07
CVE-2025-24924 - Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username
Product: GMOD Apollo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07
CVE-2025-27364 - MITRE Caldera is vulnerable to remote code execution via a crafted web request to the server API.
Product: MITRE Caldera
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27364
ISC Podcast: https://isc.sans.edu/podcastdetail/9346
CVE-2025-0912 - The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection, allowing unauthenticated attackers to achieve remote code execution.
Product: WordPress Donations Widget plugin
Active Installations: 100,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0912
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/8a8ae1b0-e9a0-4179-970b-dbcb0642547c?source=cve
CVE-2025-1307 - The Newscrunch theme for WordPress allows authenticated attackers to upload arbitrary files and potentially execute remote code due to a missing capability check in all versions up to 1.8.4.1.
Product: WordPress Newscrunch theme
Active Installations: 5,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1307
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/b55567e9-24e6-4738-b7f7-b95b541e6067?source=cve
CVE-2025-26988 - SMS Alert Order Notifications – WooCommerce is vulnerable to SQL Injection from n/a through 3.7.8.
Product: Cozy Vision SMS Alert Order Notifications - WooCommerce
Active Installations: 5,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26988
CVE-2025-25150 - Stylemix uListing is vulnerable to Blind SQL Injection in versions from n/a through 2.1.6.
Product: Stylemix uListing
Active Installations: 2,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25150
CVE-2025-26900 - flexmls Flexmls® IDX is vulnerable to Object Injection via Deserialization of Untrusted Data from versions n/a through 3.14.27.
Product: Flexmls® IDX
Active Installations: 1,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26900
CVE-2025-26943 - Easy Quotes allows Blind SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions n/a through 1.2.2.
Product: Jürgen Müller Easy Quotes
Active Installations: 500+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26943
CVE-2025-27270 - Residential Address Detection from n/a through 2.5.4 is vulnerable to Missing Authorization, enabling Privilege Escalation.
Product: Residential Address Detection
Active Installations: 200+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27270
CVE-2024-8420 - The DHVC Form plugin for WordPress is vulnerable to privilege escalation allowing unauthenticated attackers to register as an administrator.
Product: DHVC Form plugin for WordPress
Active Installations: Unknown. Update to version 2.4.8, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8420
NVD References:
- https://codecanyon.net/item/dhvc-form-wordpress-form-for-visual-composer/8326593
CVE-2024-8425 - The WooCommerce Ultimate Gift Card plugin for WordPress allows unauthenticated attackers to upload arbitrary files on the server due to insufficient file type validation in certain functions.
Product: WordPress WooCommerce Ultimate Gift Card plugin
Active Installations: Unknown. No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8425
NVD References:
- https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057
CVE-2024-9193 - The WHMpress - WHMCS WordPress Integration Plugin is vulnerable to Local File Inclusion, allowing unauthenticated attackers to execute arbitrary PHP code and potentially gain administrative access to a site.
Product: WHMCS WHMpress
Active Installations: Unknown. Update to version 6.3-revision-1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9193
NVD References:
- https://whmpress.com/docs/change-log/
CVE-2024-12824 - The Nokri – Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in versions up to 1.6.2 due to improper token value checking, allowing unauthenticated attackers to change passwords and gain access to accounts.
Product: Nokri Job Board WordPress Theme
Active Installations: Unknown. Update to version 1.6.3, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12824
NVD References:
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
CVE-2025-1564 - The SetSail Membership plugin for WordPress allows unauthenticated attackers to log in as any user, including administrators, due to improper user verification.
Product: SetSail Membership plugin
Active Installations: Unknown. Update to version 1.1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1564
NVD References:
- https://themeforest.net/item/setsail-travel-agency-theme/22832625
CVE-2025-1638 - The Alloggio Membership plugin for WordPress allows unauthenticated attackers to bypass authentication and log in as any user.
Product: Alloggio Membership plugin
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1638
NVD References:
- https://themeforest.net/item/alloggio-hotel-booking-theme/26775539
CVE-2025-1671 - The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in versions up to 1.1.6 due to inadequate user identity verification, allowing unauthenticated attackers to log in as any user, including administrators.
Product: The Academist Membership plugin for WordPress
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1671
NVD References:
CVE-2025-26974 - WP Multi Store Locator is vulnerable to Blind SQL Injection from versions n/a through 2.5.1.
Product: WPExperts.io WP Multi Store Locator
Active Installations: This plugin has been closed as of March 3, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26974
CVE-2025-26535 - Bitcoin / AltCoin Payment Gateway for WooCommerce is vulnerable to Blind SQL Injection from n/a through 1.7.6.
Product: Bitcoin / AltCoin Payment Gateway for WooCommerce
Active Installations: This plugin has been closed as of 4 February 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26535
CVE-2025-26966 - Aldo Latino PrivateContent allows for an Authentication Bypass Using an Alternate Path or Channel, impacting versions n/a through 8.11.5.
Product: Aldo Latino PrivateContent
Active Installations: This plugin has been closed as of September 10, 2022 and is not available for download. This closure is permanent. Reason: Author Request.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26966
CVE-2025-26970 - Ark Theme Core is vulnerable to Code Injection due to improper control of generation of code, impacting versions from n/a through 1.70.0.
Product: Ark Theme Core
Active Installations: unknown
CVSS Score: 10.0
CVE-2024-50706 - Vulnerability-Summary.pdf
CVE-2024-50704 & CVE-2024-50707 - Uniguest Tripleplay before version 24.2.1 is vulnerable to unauthenticated remote code execution via specially crafted HTTP POST and HTTP GET requests.
Product: Uniguest Tripleplay
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50704
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-50707
NVD References:
- https://uniguest.com/cve-bulletins/
- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50704-Vulnerability-Summary.pdf
- https://uniguest.com/wp-content/uploads/2025/02/CVE-2024-50707-Vulnerability-Summary.pdf
CVE-2025-27507 - ZITADEL's Admin API in versions prior to 2.71.0 contains IDOR vulnerabilities that could allow unauthorized users to modify sensitive settings, particularly affecting LDAP configurations.
Product: Zitadel
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27507
NVD References:
- https://github.com/zitadel/zitadel/commit/d9d8339813f1c43d3eb7d8d80f11fdabb2fd2ee4
- https://github.com/zitadel/zitadel/security/advisories/GHSA-f3gh-529w-v32x
CVE-2025-1260 - Arista EOS with OpenConfig configured allows for unauthorized gNOI requests, potentially leading to unexpected switch configuration changes.
Product: Arista Networks Arista EOS
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1260
NVD References: https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111
CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.
Product: Edimax IC-7100
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.
Product: GMOD Apollo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07
CVE-2025-24924 - Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username
Product: GMOD Apollo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07
CVE-2025-27364 - MITRE Caldera is vulnerable to remote code execution via a crafted web request to the server API.
Product: MITRE Caldera
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27364
ISC Podcast: https://isc.sans.edu/podcastdetail/9346
CVE-2025-0912 - The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection, allowing unauthenticated attackers to achieve remote code execution.
Product: WordPress Donations Widget plugin
Active Installations: 100,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0912
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/8a8ae1b0-e9a0-4179-970b-dbcb0642547c?source=cve
CVE-2025-1307 - The Newscrunch theme for WordPress allows authenticated attackers to upload arbitrary files and potentially execute remote code due to a missing capability check in all versions up to 1.8.4.1.
Product: WordPress Newscrunch theme
Active Installations: 5,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1307
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/b55567e9-24e6-4738-b7f7-b95b541e6067?source=cve
CVE-2025-26988 - SMS Alert Order Notifications – WooCommerce is vulnerable to SQL Injection from n/a through 3.7.8.
Product: Cozy Vision SMS Alert Order Notifications - WooCommerce
Active Installations: 5,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26988
CVE-2025-25150 - Stylemix uListing is vulnerable to Blind SQL Injection in versions from n/a through 2.1.6.
Product: Stylemix uListing
Active Installations: 2,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25150
CVE-2025-26900 - flexmls Flexmls® IDX is vulnerable to Object Injection via Deserialization of Untrusted Data from versions n/a through 3.14.27.
Product: Flexmls® IDX
Active Installations: 1,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26900
CVE-2025-26943 - Easy Quotes allows Blind SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions n/a through 1.2.2.
Product: Jürgen Müller Easy Quotes
Active Installations: 500+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26943
CVE-2025-27270 - Residential Address Detection from n/a through 2.5.4 is vulnerable to Missing Authorization, enabling Privilege Escalation.
Product: Residential Address Detection
Active Installations: 200+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27270
CVE-2024-8420 - The DHVC Form plugin for WordPress is vulnerable to privilege escalation allowing unauthenticated attackers to register as an administrator.
Product: DHVC Form plugin for WordPress
Active Installations: Unknown. Update to version 2.4.8, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8420
NVD References:
- https://codecanyon.net/item/dhvc-form-wordpress-form-for-visual-composer/8326593
CVE-2024-8425 - The WooCommerce Ultimate Gift Card plugin for WordPress allows unauthenticated attackers to upload arbitrary files on the server due to insufficient file type validation in certain functions.
Product: WordPress WooCommerce Ultimate Gift Card plugin
Active Installations: Unknown. No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8425
NVD References:
- https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057
CVE-2024-9193 - The WHMpress - WHMCS WordPress Integration Plugin is vulnerable to Local File Inclusion, allowing unauthenticated attackers to execute arbitrary PHP code and potentially gain administrative access to a site.
Product: WHMCS WHMpress
Active Installations: Unknown. Update to version 6.3-revision-1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9193
NVD References:
- https://whmpress.com/docs/change-log/
CVE-2024-12824 - The Nokri – Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in versions up to 1.6.2 due to improper token value checking, allowing unauthenticated attackers to change passwords and gain access to accounts.
Product: Nokri Job Board WordPress Theme
Active Installations: Unknown. Update to version 1.6.3, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12824
NVD References:
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
CVE-2025-1564 - The SetSail Membership plugin for WordPress allows unauthenticated attackers to log in as any user, including administrators, due to improper user verification.
Product: SetSail Membership plugin
Active Installations: Unknown. Update to version 1.1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1564
NVD References:
- https://themeforest.net/item/setsail-travel-agency-theme/22832625
CVE-2025-1638 - The Alloggio Membership plugin for WordPress allows unauthenticated attackers to bypass authentication and log in as any user.
Product: Alloggio Membership plugin
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1638
NVD References:
- https://themeforest.net/item/alloggio-hotel-booking-theme/26775539
CVE-2025-1671 - The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in versions up to 1.1.6 due to inadequate user identity verification, allowing unauthenticated attackers to log in as any user, including administrators.
Product: The Academist Membership plugin for WordPress
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1671
NVD References:
CVE-2025-26974 - WP Multi Store Locator is vulnerable to Blind SQL Injection from versions n/a through 2.5.1.
Product: WPExperts.io WP Multi Store Locator
Active Installations: This plugin has been closed as of March 3, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26974
CVE-2025-26535 - Bitcoin / AltCoin Payment Gateway for WooCommerce is vulnerable to Blind SQL Injection from n/a through 1.7.6.
Product: Bitcoin / AltCoin Payment Gateway for WooCommerce
Active Installations: This plugin has been closed as of 4 February 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26535
CVE-2025-26966 - Aldo Latino PrivateContent allows for an Authentication Bypass Using an Alternate Path or Channel, impacting versions n/a through 8.11.5.
Product: Aldo Latino PrivateContent
Active Installations: This plugin has been closed as of September 10, 2022 and is not available for download. This closure is permanent. Reason: Author Request.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26966
CVE-2025-26970 - Ark Theme Core is vulnerable to Code Injection due to improper control of generation of code, impacting versions from n/a through 1.70.0.
Product: Ark Theme Core
Active Installations: unknown
CVSS Score: 10.0
CVE-2024-50707 - Vulnerability-Summary.pdf
CVE-2025-27507 - ZITADEL's Admin API in versions prior to 2.71.0 contains IDOR vulnerabilities that could allow unauthorized users to modify sensitive settings, particularly affecting LDAP configurations.
Product: Zitadel
CVSS Score: 9.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27507
NVD References:
- https://github.com/zitadel/zitadel/commit/d9d8339813f1c43d3eb7d8d80f11fdabb2fd2ee4
- https://github.com/zitadel/zitadel/security/advisories/GHSA-f3gh-529w-v32x
CVE-2025-1260 - Arista EOS with OpenConfig configured allows for unauthorized gNOI requests, potentially leading to unexpected switch configuration changes.
Product: Arista Networks Arista EOS
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1260
NVD References: https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111
CVE-2025-1316 - Edimax IC-7100 is vulnerable to remote code execution due to improper request neutralization.
Product: Edimax IC-7100
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1316
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
CVE-2025-23410 - GMOD Apollo does not check for path traversal when unzipping and inspecting organism or sequence data.
Product: GMOD Apollo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-23410
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07
CVE-2025-24924 - Certain functionality within GMOD Apollo does not require authentication when passed with an administrative username
Product: GMOD Apollo
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24924
NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07
CVE-2025-27364 - MITRE Caldera is vulnerable to remote code execution via a crafted web request to the server API.
Product: MITRE Caldera
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27364
ISC Podcast: https://isc.sans.edu/podcastdetail/9346
CVE-2025-0912 - The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection, allowing unauthenticated attackers to achieve remote code execution.
Product: WordPress Donations Widget plugin
Active Installations: 100,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-0912
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/8a8ae1b0-e9a0-4179-970b-dbcb0642547c?source=cve
CVE-2025-1307 - The Newscrunch theme for WordPress allows authenticated attackers to upload arbitrary files and potentially execute remote code due to a missing capability check in all versions up to 1.8.4.1.
Product: WordPress Newscrunch theme
Active Installations: 5,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1307
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/b55567e9-24e6-4738-b7f7-b95b541e6067?source=cve
CVE-2025-26988 - SMS Alert Order Notifications – WooCommerce is vulnerable to SQL Injection from n/a through 3.7.8.
Product: Cozy Vision SMS Alert Order Notifications - WooCommerce
Active Installations: 5,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26988
CVE-2025-25150 - Stylemix uListing is vulnerable to Blind SQL Injection in versions from n/a through 2.1.6.
Product: Stylemix uListing
Active Installations: 2,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-25150
CVE-2025-26900 - flexmls Flexmls® IDX is vulnerable to Object Injection via Deserialization of Untrusted Data from versions n/a through 3.14.27.
Product: Flexmls® IDX
Active Installations: 1,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26900
CVE-2025-26943 - Easy Quotes allows Blind SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions n/a through 1.2.2.
Product: Jürgen Müller Easy Quotes
Active Installations: 500+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26943
CVE-2025-27270 - Residential Address Detection from n/a through 2.5.4 is vulnerable to Missing Authorization, enabling Privilege Escalation.
Product: Residential Address Detection
Active Installations: 200+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27270
CVE-2024-8420 - The DHVC Form plugin for WordPress is vulnerable to privilege escalation allowing unauthenticated attackers to register as an administrator.
Product: DHVC Form plugin for WordPress
Active Installations: Unknown. Update to version 2.4.8, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8420
NVD References:
- https://codecanyon.net/item/dhvc-form-wordpress-form-for-visual-composer/8326593
CVE-2024-8425 - The WooCommerce Ultimate Gift Card plugin for WordPress allows unauthenticated attackers to upload arbitrary files on the server due to insufficient file type validation in certain functions.
Product: WordPress WooCommerce Ultimate Gift Card plugin
Active Installations: Unknown. No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8425
NVD References:
- https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057
CVE-2024-9193 - The WHMpress - WHMCS WordPress Integration Plugin is vulnerable to Local File Inclusion, allowing unauthenticated attackers to execute arbitrary PHP code and potentially gain administrative access to a site.
Product: WHMCS WHMpress
Active Installations: Unknown. Update to version 6.3-revision-1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9193
NVD References:
- https://whmpress.com/docs/change-log/
CVE-2024-12824 - The Nokri – Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in versions up to 1.6.2 due to improper token value checking, allowing unauthenticated attackers to change passwords and gain access to accounts.
Product: Nokri Job Board WordPress Theme
Active Installations: Unknown. Update to version 1.6.3, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12824
NVD References:
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
CVE-2025-1564 - The SetSail Membership plugin for WordPress allows unauthenticated attackers to log in as any user, including administrators, due to improper user verification.
Product: SetSail Membership plugin
Active Installations: Unknown. Update to version 1.1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1564
NVD References:
- https://themeforest.net/item/setsail-travel-agency-theme/22832625
CVE-2025-1638 - The Alloggio Membership plugin for WordPress allows unauthenticated attackers to bypass authentication and log in as any user.
Product: Alloggio Membership plugin
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1638
NVD References:
- https://themeforest.net/item/alloggio-hotel-booking-theme/26775539
CVE-2025-1671 - The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in versions up to 1.1.6 due to inadequate user identity verification, allowing unauthenticated attackers to log in as any user, including administrators.
Product: The Academist Membership plugin for WordPress
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1671
NVD References:
CVE-2025-26974 - WP Multi Store Locator is vulnerable to Blind SQL Injection from versions n/a through 2.5.1.
Product: WPExperts.io WP Multi Store Locator
Active Installations: This plugin has been closed as of March 3, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26974
CVE-2025-26535 - Bitcoin / AltCoin Payment Gateway for WooCommerce is vulnerable to Blind SQL Injection from n/a through 1.7.6.
Product: Bitcoin / AltCoin Payment Gateway for WooCommerce
Active Installations: This plugin has been closed as of 4 February 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26535
CVE-2025-26966 - Aldo Latino PrivateContent allows for an Authentication Bypass Using an Alternate Path or Channel, impacting versions n/a through 8.11.5.
Product: Aldo Latino PrivateContent
Active Installations: This plugin has been closed as of September 10, 2022 and is not available for download. This closure is permanent. Reason: Author Request.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26966
CVE-2025-26970 - Ark Theme Core is vulnerable to Code Injection due to improper control of generation of code, impacting versions from n/a through 1.70.0.
Product: Ark Theme Core
Active Installations: unknown
CVSS Score: 10.0
CVE-2025-25150 - Stylemix uListing is vulnerable to Blind SQL Injection in versions from n/a through 2.1.6.
Product: Stylemix uListing
Active Installations: 2,000+
CVSS Score: 9.3
CVE-2025-26900 - flexmls Flexmls® IDX is vulnerable to Object Injection via Deserialization of Untrusted Data from versions n/a through 3.14.27.
Product: Flexmls® IDX
Active Installations: 1,000+
CVSS Score: 9.8
CVE-2025-26943 - Easy Quotes allows Blind SQL Injection due to improper neutralization of special elements in SQL commands, affecting versions n/a through 1.2.2.
Product: Jürgen Müller Easy Quotes
Active Installations: 500+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26943
CVE-2025-27270 - Residential Address Detection from n/a through 2.5.4 is vulnerable to Missing Authorization, enabling Privilege Escalation.
Product: Residential Address Detection
Active Installations: 200+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-27270
CVE-2024-8420 - The DHVC Form plugin for WordPress is vulnerable to privilege escalation allowing unauthenticated attackers to register as an administrator.
Product: DHVC Form plugin for WordPress
Active Installations: Unknown. Update to version 2.4.8, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8420
NVD References:
- https://codecanyon.net/item/dhvc-form-wordpress-form-for-visual-composer/8326593
CVE-2024-8425 - The WooCommerce Ultimate Gift Card plugin for WordPress allows unauthenticated attackers to upload arbitrary files on the server due to insufficient file type validation in certain functions.
Product: WordPress WooCommerce Ultimate Gift Card plugin
Active Installations: Unknown. No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8425
NVD References:
- https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057
CVE-2024-9193 - The WHMpress - WHMCS WordPress Integration Plugin is vulnerable to Local File Inclusion, allowing unauthenticated attackers to execute arbitrary PHP code and potentially gain administrative access to a site.
Product: WHMCS WHMpress
Active Installations: Unknown. Update to version 6.3-revision-1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9193
NVD References:
- https://whmpress.com/docs/change-log/
CVE-2024-12824 - The Nokri – Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in versions up to 1.6.2 due to improper token value checking, allowing unauthenticated attackers to change passwords and gain access to accounts.
Product: Nokri Job Board WordPress Theme
Active Installations: Unknown. Update to version 1.6.3, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12824
NVD References:
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
CVE-2025-1564 - The SetSail Membership plugin for WordPress allows unauthenticated attackers to log in as any user, including administrators, due to improper user verification.
Product: SetSail Membership plugin
Active Installations: Unknown. Update to version 1.1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1564
NVD References:
- https://themeforest.net/item/setsail-travel-agency-theme/22832625
CVE-2025-1638 - The Alloggio Membership plugin for WordPress allows unauthenticated attackers to bypass authentication and log in as any user.
Product: Alloggio Membership plugin
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1638
NVD References:
- https://themeforest.net/item/alloggio-hotel-booking-theme/26775539
CVE-2025-1671 - The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in versions up to 1.1.6 due to inadequate user identity verification, allowing unauthenticated attackers to log in as any user, including administrators.
Product: The Academist Membership plugin for WordPress
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1671
NVD References:
CVE-2025-26974 - WP Multi Store Locator is vulnerable to Blind SQL Injection from versions n/a through 2.5.1.
Product: WPExperts.io WP Multi Store Locator
Active Installations: This plugin has been closed as of March 3, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26974
CVE-2025-26535 - Bitcoin / AltCoin Payment Gateway for WooCommerce is vulnerable to Blind SQL Injection from n/a through 1.7.6.
Product: Bitcoin / AltCoin Payment Gateway for WooCommerce
Active Installations: This plugin has been closed as of 4 February 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26535
CVE-2025-26966 - Aldo Latino PrivateContent allows for an Authentication Bypass Using an Alternate Path or Channel, impacting versions n/a through 8.11.5.
Product: Aldo Latino PrivateContent
Active Installations: This plugin has been closed as of September 10, 2022 and is not available for download. This closure is permanent. Reason: Author Request.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26966
CVE-2025-26970 - Ark Theme Core is vulnerable to Code Injection due to improper control of generation of code, impacting versions from n/a through 1.70.0.
Product: Ark Theme Core
Active Installations: unknown
CVSS Score: 10.0
CVE-2024-8425 - The WooCommerce Ultimate Gift Card plugin for WordPress allows unauthenticated attackers to upload arbitrary files on the server due to insufficient file type validation in certain functions.
Product: WordPress WooCommerce Ultimate Gift Card plugin
Active Installations: Unknown. No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-8425
NVD References:
- https://codecanyon.net/item/woocommerce-ultimate-gift-card/19191057
CVE-2024-9193 - The WHMpress - WHMCS WordPress Integration Plugin is vulnerable to Local File Inclusion, allowing unauthenticated attackers to execute arbitrary PHP code and potentially gain administrative access to a site.
Product: WHMCS WHMpress
Active Installations: Unknown. Update to version 6.3-revision-1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-9193
NVD References:
- https://whmpress.com/docs/change-log/
CVE-2024-12824 - The Nokri – Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in versions up to 1.6.2 due to improper token value checking, allowing unauthenticated attackers to change passwords and gain access to accounts.
Product: Nokri Job Board WordPress Theme
Active Installations: Unknown. Update to version 1.6.3, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12824
NVD References:
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
CVE-2025-1564 - The SetSail Membership plugin for WordPress allows unauthenticated attackers to log in as any user, including administrators, due to improper user verification.
Product: SetSail Membership plugin
Active Installations: Unknown. Update to version 1.1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1564
NVD References:
- https://themeforest.net/item/setsail-travel-agency-theme/22832625
CVE-2025-1638 - The Alloggio Membership plugin for WordPress allows unauthenticated attackers to bypass authentication and log in as any user.
Product: Alloggio Membership plugin
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1638
NVD References:
- https://themeforest.net/item/alloggio-hotel-booking-theme/26775539
CVE-2025-1671 - The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in versions up to 1.1.6 due to inadequate user identity verification, allowing unauthenticated attackers to log in as any user, including administrators.
Product: The Academist Membership plugin for WordPress
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1671
NVD References:
CVE-2025-26974 - WP Multi Store Locator is vulnerable to Blind SQL Injection from versions n/a through 2.5.1.
Product: WPExperts.io WP Multi Store Locator
Active Installations: This plugin has been closed as of March 3, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26974
CVE-2025-26535 - Bitcoin / AltCoin Payment Gateway for WooCommerce is vulnerable to Blind SQL Injection from n/a through 1.7.6.
Product: Bitcoin / AltCoin Payment Gateway for WooCommerce
Active Installations: This plugin has been closed as of 4 February 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26535
CVE-2025-26966 - Aldo Latino PrivateContent allows for an Authentication Bypass Using an Alternate Path or Channel, impacting versions n/a through 8.11.5.
Product: Aldo Latino PrivateContent
Active Installations: This plugin has been closed as of September 10, 2022 and is not available for download. This closure is permanent. Reason: Author Request.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26966
CVE-2025-26970 - Ark Theme Core is vulnerable to Code Injection due to improper control of generation of code, impacting versions from n/a through 1.70.0.
Product: Ark Theme Core
Active Installations: unknown
CVSS Score: 10.0
CVE-2024-12824 - The Nokri – Job Board WordPress Theme for WordPress is vulnerable to privilege escalation via account takeover in versions up to 1.6.2 due to improper token value checking, allowing unauthenticated attackers to change passwords and gain access to accounts.
Product: Nokri Job Board WordPress Theme
Active Installations: Unknown. Update to version 1.6.3, or a newer patched version
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-12824
NVD References:
- https://themeforest.net/item/nokri-job-board-wordpress-theme/22677241
CVE-2025-1564 - The SetSail Membership plugin for WordPress allows unauthenticated attackers to log in as any user, including administrators, due to improper user verification.
Product: SetSail Membership plugin
Active Installations: Unknown. Update to version 1.1, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1564
NVD References:
- https://themeforest.net/item/setsail-travel-agency-theme/22832625
CVE-2025-1638 - The Alloggio Membership plugin for WordPress allows unauthenticated attackers to bypass authentication and log in as any user.
Product: Alloggio Membership plugin
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1638
NVD References:
- https://themeforest.net/item/alloggio-hotel-booking-theme/26775539
CVE-2025-1671 - The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in versions up to 1.1.6 due to inadequate user identity verification, allowing unauthenticated attackers to log in as any user, including administrators.
Product: The Academist Membership plugin for WordPress
Active Installations: Unknown. Update to version 1.2, or a newer patched version.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1671
NVD References:
CVE-2025-26974 - WP Multi Store Locator is vulnerable to Blind SQL Injection from versions n/a through 2.5.1.
Product: WPExperts.io WP Multi Store Locator
Active Installations: This plugin has been closed as of March 3, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
CVE-2025-26535 - Bitcoin / AltCoin Payment Gateway for WooCommerce is vulnerable to Blind SQL Injection from n/a through 1.7.6.
Product: Bitcoin / AltCoin Payment Gateway for WooCommerce
Active Installations: This plugin has been closed as of 4 February 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.3
CVE-2025-26966 - Aldo Latino PrivateContent allows for an Authentication Bypass Using an Alternate Path or Channel, impacting versions n/a through 8.11.5.
Product: Aldo Latino PrivateContent
Active Installations: This plugin has been closed as of September 10, 2022 and is not available for download. This closure is permanent. Reason: Author Request.
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26966
CVE-2025-26970 - Ark Theme Core is vulnerable to Code Injection due to improper control of generation of code, impacting versions from n/a through 1.70.0.
Product: Ark Theme Core
Active Installations: unknown
CVSS Score: 10.0
Sponsors
SANS
Survey | 2025 SANS CTI Survey: Navigating Uncertainty in Today’s Threat Landscape | This year’s report will explore: How CTI can help prepare organizations for unpredictable events, how CTI practices are being shaped, how automation and engineering are supporting CTI operations, the role of AI in cybersecurity, and how CTI teams plan their CTI programs. SANS wants to hear from you! Complete the survey by March 27 for a chance to win one of four $100 Amazon gift cards.
Microsoft
Webcast | Securing the Future with Microsoft Defender for Cloud: Best Practices and Insights | March 26, 1:00 ET | Join Dave Shackleford, and Microsoft’s Dick Lake, as they explore practical approaches to securing cloud environments. Gain a deeper understanding of key areas such as cloud security posture management, DevOps security, and detection and response strategies—all tailored to help you future-proof your organization in an ever-changing threat landscape. Save your seat today.
SANS
Survey | 2025 SANS CTI Survey: Navigating Uncertainty in Today’s Threat Landscape | This year’s report will explore: How CTI can help prepare organizations for unpredictable events, how CTI practices are being shaped, how automation and engineering are supporting CTI operations, the role of AI in cybersecurity, and how CTI teams plan their CTI programs. SANS wants to hear from you! Complete the survey by March 27 for a chance to win one of four $100 Amazon gift cards.
SANS
Survey | 2025 SANS CTI Survey: Navigating Uncertainty in Today’s Threat Landscape | This year’s report will explore: How CTI can help prepare organizations for unpredictable events, how CTI practices are being shaped, how automation and engineering are supporting CTI operations, the role of AI in cybersecurity, and how CTI teams plan their CTI programs. SANS wants to hear from you! Complete the survey by March 27 for a chance to win one of four $100 Amazon gift cards.