Latest Vulnerabilities

Updates on the latest vulnerabilities detected.

  • CVE-2025-1510 – WordPress Custom Post Type Date Archives Shortcode Execution Vulnerability
    on February 22, 2025 at 4:15 am

    CVE ID: CVE-2025-1510. Published: Feb. 22, 2025, 4:15 a.m. Description: The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.7.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. Severity: 7.3 | HIGH

  • CVE-2024-13873 – WP Job Portal Insecure Direct Object Reference Vulnerability
    on February 22, 2025 at 4:15 am

    CVE ID: CVE-2024-13873. Published: Feb. 22, 2025, 4:15 a.m. Description: The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.8 via the deleteUserPhoto() function due to missing validation on a user-controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to remove profile photos from users' accounts. Please note that this does not officially delete the file. Severity: 4.3 | MEDIUM

  • CVE-2024-13899 – WordPress Mambo Importer PHP Object Injection Vulnerability
    on February 22, 2025 at 4:15 am

    CVE ID: CVE-2024-13899. Published: Feb. 22, 2025, 4:15 a.m. Description: The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. Severity: 7.2 | HIGH

  • CVE-2025-1509 – WordPress Show Me The Cookies Plugin Shortcode Injection Vulnerability
    on February 22, 2025 at 4:15 am

    CVE ID: CVE-2025-1509. Published: Feb. 22, 2025, 4:15 a.m. Description: The Show Me The Cookies plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. Severity: 7.3 | HIGH

  • CVE-2023-4261 – Apache HTTP Server Information Disclosure
    on February 22, 2025 at 3:15 am

    CVE ID: CVE-2023-4261. Published: Feb. 22, 2025, 3:15 a.m. Description: Rejected reason: This CVE ID is Rejected because the issue was not a vulnerability. The data field reported is not attacker controlled. Severity: 0.0 | NA

  • CVE-2024-22341 – IBM Watson Query on Cloud Pak for Data Privilege Management Vulnerability
    on February 22, 2025 at 1:15 am

    CVE ID: CVE-2024-22341. Published: Feb. 22, 2025, 1:15 a.m. Description: IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data access from a remote data source object due to improper privilege management. Severity: 5.3 | MEDIUM

  • CVE-2024-45674 – IBM Security Verify Bridge Directory Sync and Gateway for Windows Login and Radius Information Disclosure Vulnerability
    on February 22, 2025 at 12:15 am

    CVE ID: CVE-2024-45674. Published: Feb. 22, 2025, 12:15 a.m. Description: IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 store potentially sensitive information in log files that could be read by a local user. Severity: 3.3 | LOW

  • CVE-2025-27106 – Binance Trading Bot Command Injection Vulnerability
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2025-27106. Published: Feb. 21, 2025, 10:15 p.m. Description: binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host system due to a command injection vulnerability in the `/restore` endpoint: the name of the uploaded file is passed to shell.exec without sanitization other than path normalization, resulting in Remote Code Execution. This may allow any authorized user to execute code in the context of the host machine. This issue has been addressed in version 0.0.100 and all users are advised to upgrade. There are no known workarounds for this vulnerability. Severity: 0.0 | NA

  • CVE-2025-27108 – Solid-Meta DOM-Expressions XSS Vulnerability
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2025-27108. Published: Feb. 21, 2025, 10:15 p.m. Description: dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. In affected versions the use of javascript's `.replace()` opens up to potential Cross-site Scripting (XSS) vulnerabilities with the special replacement patterns beginning with `$`. Particularly, when the attributes of `Meta` tag from solid-meta are user-defined, attackers can utilise the special replacement patterns, either `$'` or `` $` ``, to achieve XSS. The solid-meta package has this issue since it uses `useAffect` and context providers, which inject the used assets in the html header. "dom-expressions" uses `.replace()` to insert the assets, which is vulnerable to the special replacement patterns listed above. This effectively means that if the attributes of an asset tag contained user-controlled data, it would be vulnerable to XSS. For instance, there might be meta tags for the open graph protocol in a user profile page, but if attackers set the user query to some payload abusing `.replace()`, then they could execute arbitrary javascript in the victim's web browser. Moreover, it could be stored and cause more problems. This issue has been addressed in version 0.39.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability. Severity: 7.3 | HIGH

  • CVE-2025-27109 – Solid-js Unescaped User Input Injection Vulnerability
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2025-27109. Published: Feb. 21, 2025, 10:15 p.m. Description: solid-js is a declarative, efficient, and flexible JavaScript library for building user interfaces. In affected versions Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments. This issue has been addressed in version 1.9.4 and all users are advised to upgrade. There are no known workarounds for this vulnerability. Severity: 7.3 | HIGH

  • CVE-2025-27104 – Vyper Smart Contract Iterator Side-Effect Vulnerability
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2025-27104. Published: Feb. 21, 2025, 10:15 p.m. Description: vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single expression is possible in the iterator target of a for loop. While the iterator expression cannot produce multiple writes, it can consume side effects produced in the loop body (e.g. read a storage variable updated in the loop body) and thus lead to unexpected program behavior. Specifically, reads in iterators which contain an ifexp (e.g. `for s: uint256 in ([read(), read()] if True else [])`) may interleave reads with writes in the loop body. Vyper for loops allow two kinds of iterator targets, namely the `range()` builtin and an iterable type, like SArray and DArray. During codegen, iterable lists are required to not produce any side-effects (in the following code, `range_scope` forces `iter_list` to be parsed in a constant context, which is checked against `is_constant`). However, this does not prevent the iterator from consuming side effects provided by the body of the loop. For SArrays on the other hand, `iter_list` is instantiated in the body of a `repeat` ir, so it can be evaluated several times. This issue is being addressed and is expected to be available in version 0.4.1. Users are advised to upgrade as soon as the patched release is available. There are no known workarounds for this vulnerability. Severity: 0.0 | NA

  • CVE-2025-27105 – Vyper Smart Contract Language DynArray AugAssign Out-of-Bounds Write
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2025-27105. Published: Feb. 21, 2025, 10:15 p.m. Description: vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when the target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the bounds check will not be re-evaluated during the write portion of the statement. This issue has been addressed in version 0.4.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. Severity: 0.0 | NA

  • CVE-2025-26622 – Vyper EVM sqrt Function Round-Up Vulnerability
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2025-26622. Published: Feb. 21, 2025, 10:15 p.m. Description: vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the babylonian method to calculate square roots of decimals. Unfortunately, improper handling of the oscillating final states may lead to sqrt incorrectly returning rounded up results. This issue is being addressed and a fix is expected in version 0.4.1. Users are advised to upgrade as soon as the patched release is available. There are no known workarounds for this vulnerability. Severity: 0.0 | NA

  • CVE-2019-8900 – Apple SecureROM Local Boot Code Execution Vulnerability
    on February 21, 2025 at 10:15 pm

    CVE ID: CVE-2019-8900. Published: Feb. 21, 2025, 10:15 p.m. Description: A vulnerability in the SecureROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. Exploiting the vulnerability requires physical access to the device: the device must be plugged into a computer upon booting, and it must be put into Device Firmware Update (DFU) mode. The exploit is not persistent; rebooting the device overrides any changes to the device's software that were made during an exploited session on the device. Additionally, unless an attacker has access to the device's unlock PIN or fingerprint, an attacker cannot gain access to information protected by Apple's Secure Enclave or Touch ID features. Severity: 0.0 | NA

  • CVE-2025-25282 – RAGFlow IDOR: Cross-Tenant Access Vulnerability
    on February 21, 2025 at 9:15 pm

    CVE ID: CVE-2025-25282. Published: Feb. 21, 2025, 9:15 p.m. Description: RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Reference (IDOR) vulnerability, which may lead to unauthorized cross-tenant access (listing tenant user accounts, adding a user account to another tenant). Unauthorized cross-tenant access: list users from another tenant (e.g., via GET //user/list), add a user account to another tenant (POST //user). This issue has not yet been patched. Users are advised to reach out to the project maintainers to coordinate a fix. Severity: 8.1 | HIGH

  • CVE-2025-1555 – Hzmanyun Education and Training System Unrestricted File Upload Vulnerability
    on February 21, 2025 at 9:15 pm

    CVE ID: CVE-2025-1555. Published: Feb. 21, 2025, 9:15 p.m. Description: A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 7.3 | HIGH

  • CVE-2025-25604 – Totolink X5000R Command Injection Vulnerability
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25604. Published: Feb. 21, 2025, 7:15 p.m. Description: Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua. Severity: 6.5 | MEDIUM

  • CVE-2025-25605 – Totolink X5000R Command Injection Vulnerability
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25605. Published: Feb. 21, 2025, 7:15 p.m. Description: Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua. Severity: 6.5 | MEDIUM

  • CVE-2025-25767 – MRCMS Vertical Privilege Escalation Vulnerability
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25767. Published: Feb. 21, 2025, 7:15 p.m. Description: A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request. Severity: 0.0 | NA

  • CVE-2025-25768 – MRCMS Server-Side Template Injection Vulnerability
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25768. Published: Feb. 21, 2025, 7:15 p.m. Description: MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attackers to execute arbitrary code via a crafted payload. Severity: 0.0 | NA

  • CVE-2025-25769 – Wangmarket CSRF Vulnerability
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25769. Published: Feb. 21, 2025, 7:15 p.m. Description: Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java. Severity: 0.0 | NA

  • CVE-2025-25770 – Wangmarket Cross-Site Request Forgery (CSRF)
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25770. Published: Feb. 21, 2025, 7:15 p.m. Description: Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java. Severity: 0.0 | NA

  • CVE-2025-25772 – Jspxcms CSRF: Administrator Account Creation
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2025-25772. Published: Feb. 21, 2025, 7:15 p.m. Description: A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted request. Severity: 5.1 | MEDIUM

  • CVE-2020-19248 – PbootCMS SQL Injection
    on February 21, 2025 at 7:15 pm

    CVE ID: CVE-2020-19248. Published: Feb. 21, 2025, 7:15 p.m. Description: SQL Injection vulnerability in PbootCMS 1.4.1 in the parsing of if statements in templates, which gives a malicious user the ability to contaminate template content by searching for page contamination URLs, thus triggering the vulnerability when the program uses eval statements to parse templates. Severity: 5.1 | MEDIUM

  • CVE-2025-25878 – ITSourcecode Simple ChatBox SQL Injection Vulnerability
    on February 21, 2025 at 6:16 pm

    CVE ID: CVE-2025-25878. Published: Feb. 21, 2025, 6:16 p.m. Description: A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data. Severity: 3.8 | LOW
