SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
VOLUME 25ISSUE 18
The Consensus Security Vulnerability Alert
Internet Storm Center Spotlight
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Python InfoStealer with Embedded Phishing Webserver
Published: 2025-05-06
Last Updated: 2025-05-06 06:02:58 UTC
by Xavier Mertens (Version: 1)
Infostealers are everywhere for a while now. If this kind of malware is not aggressive, their impact can be much more impacting to the victim. Attackers need always more and more data to be sold or reused in deeper scenarios. A lot of infostealers are similar and have the following capabilities:
* Antidebugging and anti-VM capabilities
* Persistence
* Data scanner (credentials, cookies, wallets, "interesting" keyword in files, ...)
* Exfiltration
I found another malicious Python script that implements all these capabilities. Persistence is implemented via a Registry key and a scheduled task (always have a backup solution ;-) ), a keylogger is started, the clipboard content is captured, a screenshot is taken every minute. All data is exfiltrated to a Telegram channel, encrypted with the Fernet() module ...
Read the full entry:
https://isc.sans.edu/diary/Python+InfoStealer+with+Embedded+Phishing+Webserver/31924/
"Mirai" Now Exploits Samsung MagicINFO CMS (CVE-2024-7399)
Published: 2025-05-05
Last Updated: 2025-05-06 02:10:41 UTC
by Johannes Ullrich (Version: 1)
Last August, Samsung patched an arbitrary file upload vulnerability that could lead to remote code execution. The announcement was very sparse and did not even include affected systems:
SVP-AUG-2024
SVE-2024-50018(CVE-2024-7399)
Weakness : Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server allows attackers to write arbitrary file as system authority.
Patch information : The patch modifies verification logic of the input.
At around the same time, a CVE was assigned to the vulnerability: CVE-2024-7399. The NVD entry has a little bit more details. In particular, it identifies a legacy CMS distributed by Samsung, MagicINFO 9, as the vulnerable software:
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
Read the full entry:
https://isc.sans.edu/diary/Mirai+Now+Exploits+Samsung+MagicINFO+CMS+CVE20247399/31920/
Internet Storm Center Entries
Example of "Modular" Malware (2025.05.07)
https://isc.sans.edu/diary/Example+of+Modular+Malware/31928/
Steganography Challenge (2025.05.03)
https://isc.sans.edu/diary/Steganography+Challenge/31910/
Steganography Analysis With pngdump.py: Bitstreams (2025.05.01)
https://isc.sans.edu/diary/Steganography+Analysis+With+pngdumppy+Bitstreams/31904/
Recent CVEs
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
CVE-2021-20016 - SonicWall SSLVPN SMA100 SQL Injection Vulnerability
Product: SonicWall SSLVPN SMA100
CVSS Score: 0
** KEV since 2021-11-03 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2021-20016
ISC Podcast:
CVE-2023-44221 - SMA100 SSL-VPN management interface is vulnerable to OS Command Injection by remote authenticated attackers with administrative privilege.
Product: SonicWall SMA 500V Firmware
CVSS Score: 0
** KEV since 2025-05-01 **
NVD:
CVE-2024-7399 - Samsung MagicINFO 9 Server versions before 21.1050 is vulnerable to allowing attackers to write arbitrary files in restricted directories as system authority.
Product: Samsung MagicINFO 9 Server
CVSS Score: 0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-7399
ISC Diary:
https://isc.sans.edu/diary/31920
ISC Podcast:
CVE-2025-24252 - macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4, iPadOS 18.4, and visionOS 2.4 prior to the update suffered from a use-after-free vulnerability that could allow a local network attacker to corrupt process memory.
Product: Multiple Apple products
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24252
NVD References:
-
https://support.apple.com/en-us/122371
-
https://support.apple.com/en-us/122372
-
https://support.apple.com/en-us/122373
-
https://support.apple.com/en-us/122374
-
https://support.apple.com/en-us/122375
-
https://support.apple.com/en-us/122377
-
CVE-2025-4083 - Firefox and Thunderbird versions below 138 and 128.10, respectively, are susceptible to a process isolation vulnerability when handling javascript: URIs, leading to possible sandbox escape.
Product: Mozilla Firefox and Thunderbird
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-4083
NVD References:
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1958350
-
https://www.mozilla.org/security/advisories/mfsa2025-28/
-
https://www.mozilla.org/security/advisories/mfsa2025-29/
-
https://www.mozilla.org/security/advisories/mfsa2025-30/
-
https://www.mozilla.org/security/advisories/mfsa2025-31/
-
CVE-2025-25403 - Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in admin/modules/master_file/coll_type.php.
Product: Slims (Senayan Library Management Systems)
CVSS Score: 9.8
NVD:
CVE-2025-25962 - Coresmartcontracts Uniswap v.3.0 vulnerability allows remote attackers to escalate privileges via the _modifyPosition function.
Product: Coresmartcontracts Uniswap
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-25962
NVD References:
-
https://github.com/CVEProject/docs/blob/gh-pages/requester/reservation-guidelines.md
-
cve-2025-25962 - f7cf21536978
CVE-2025-46348 - YesWiki allows for unauthorized site backups to be created and downloaded, potentially leading to file system overload or exposure of sensitive information.
Product: YesWiki
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46348
NVD References:
-
https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530
-
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95
CVE-2025-32444 - vLLM is vulnerable to remote code execution due to insecure ZeroMQ sockets when integrated with mooncake versions prior to 0.8.5.
Product: vLLM
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32444
NVD References:
-
https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5
-
https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7
CVE-2025-45017, CVE-2025-45018, & CVE-2025-45019 - PHPGurukul Park Ticketing Management System v2.0 SQL injection vulnerabilities
Product: PHPGurukul Park Ticketing Management System v2.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45017
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45018
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45019
NVD References:
-
-
-
CVE-2025-32973 - XWiki allows attackers to gain programming rights on the wiki by exploiting a lack of warning when editing documents containing XWiki.ComponentClass objects, patched in versions 15.10.12, 16.4.3, and 16.8.0-rc-1.
Product: XWiki Platform
CVSS Score: 9.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32973
NVD References:
-
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x7wv-5qg4-vmr6
-
CVE-2025-32974 - XWiki is vulnerable to an issue in versions 15.9-rc-1 to before 15.10.8 and 16.0.0-rc-1 to before 16.2.0, allowing users to insert malicious scripts that could impact the system's security.
Product: XWiki Platform
CVSS Score: 9.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32974
NVD References:
-
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mvgm-3rw2-7j4r
-
CVE-2025-46558 - XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown, making versions 8.2 to before 8.9 vulnerable to XSS attacks through embedded Javascript code, compromising the security of the entire XWiki installation.
Product: XWiki Contrib Syntax Markdown
CVSS Score: 9.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46558
NVD References:
-
https://github.com/xwiki-contrib/syntax-markdown/security/advisories/GHSA-8g2j-rhfh-hq3r
-
CVE-2025-30390 - Improper authorization in Azure allows an authorized attacker to elevate privileges over a network.
Product: Azure
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30390
NVD References:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30390
CVE-2025-30392 - Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
Product: Azure Bot Framework SDK
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-30392
NVD References:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30392
CVE-2025-44192 - SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay_management/admin/?page=view_clearance.
Product: SourceCodester Simple Barangay Management System v1.0
CVSS Score: 9.8
NVD:
CVE-2025-47154 - Ladybird's LibJS vulnerability before f5a6704 could allow remote attackers to execute arbitrary code via a crafted .js file due to mishandling the freeing of vector arguments_list.
Product: Ladybird LibJS
CVSS Score: 9.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-47154
NVD References:
-
https://jessie.cafe/posts/pwning-ladybirds-libjs/
-
CVE-2025-46337 - ADOdb is vulnerable to SQL injection attacks prior to version 5.22.9 when connecting to a PostgreSQL database and using user-supplied data with pg_insert_id().
Product: ADOdb PHP database class library
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46337
NVD References:
-
https://github.com/ADOdb/ADOdb/issues/1070
-
https://github.com/ADOdb/ADOdb/security/advisories/GHSA-8x27-jwjr-8545
CVE-2025-24522 - KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable to unauthenticated remote attackers gaining full access to the Node-RED server due to lack of default authentication configuration.
Product: KUNBUS Revolution Pi OS Bookworm
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24522
NVD References:
-
http://packages.revolutionpi.de/pool/main/p/pictory/
-
https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01
CVE-2025-32011 - KUNBUS PiCtory versions 2.5.0 through 2.11.1 are vulnerable to authentication bypass via path traversal, allowing remote attackers to access the system without proper authentication.
Product: KUNBUS PiCtory
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32011
NVD References:
-
http://packages.revolutionpi.de/pool/main/p/pictory/
-
https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01
CVE-2025-35996 - KUNBUS PiCtory version 2.11.1 and earlier allows an authenticated remote attacker to conduct a cross-site scripting attack via a specially crafted filename passed through API endpoints.
Product: KUNBUS PiCtory
CVSS Score: 9.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-35996
NVD References:
-
http://packages.revolutionpi.de/pool/main/p/pictory/
-
https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01
CVE-2024-48905 - Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.
Product: Sematell ReplyOne
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-48905
NVD References:
-
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-082.txt
CVE-2025-3708 - Le-show medical practice management system from Le-yan is vulnerable to SQL Injection, which can be exploited by remote attackers to manipulate the database and access sensitive information.
Product: Le-yan Le-show medical practice management system
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3708
NVD References:
-
https://www.twcert.org.tw/en/cp-139-10086-dbfd0-2.html
-
CVE-2025-3709 - Agentflow from Flowring Technology is susceptible to an Account Lockout Bypass vulnerability permitting remote attackers to conduct password brute force attacks without authentication.
Product: Flowring Technology Agentflow
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3709
NVD References:
-
https://www.twcert.org.tw/en/cp-139-10090-112f7-2.html
-
CVE-2025-2812 - Mydata Informatics Ticket Sales Automation before 03.04.2025 is vulnerable to Blind SQL Injection due to improper neutralization of special elements in SQL commands.
Product: Mydata Informatics Ticket Sales Automation
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-2812
NVD References:
CVE-2025-2605 - Honeywell MB-Secure is vulnerable to privilege abuse due to improper neutralization of special elements used in an OS command, affecting versions from V11.04 to V12.53 and MB-Secure PRO from V01.06 to V03.09.
Product: Honeywell MB-Secure
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-2605
NVD References:
https://www.honeywell.com/us/en/product-security#security-notices
CVE-2025-44868 - Wavlink WL-WN530H4 20220801 is susceptible to command injection through the ping_test function in the adm.cgi, enabling attackers to run malicious commands.
Product: Wavlink WL-WN530H4
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-44868
NVD References:
https://github.com/Summermu/VulnForIoT/tree/main/Wavlink_WL-WN530H4/ping_test/readme.md
CVE-2025-44872 & CVE-2025-44877 - Tenda AC9 V15.03.06.42_multi command injection vulnerabilities
Product: Tenda AC9
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-44872
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-44877
NVD References:
-
https://github.com/Summermu/VulnForIoT/tree/main/Tenda_AC/AC9_formsetUsbUnload
-
https://github.com/Summermu/VulnForIoT/tree/main/Tenda_AC/AC9_formSetSambaConf
CVE-2025-45042 - Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.
Product: Tenda AC9
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45042
NVD References:
https://github.com/Ghostsuzhijian/Iot-/blob/main/ac9_telnetd/rx3_telnetd.md
CVE-2025-2905 - WSO2 API Manager has an XML External Entity (XXE) vulnerability in its gateway component, allowing unauthenticated remote attackers to read files from the server's filesystem or launch denial-of-service attacks.
Product: WSO2 API Manager
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-2905
NVD References:
CVE-2025-27920 - Output Messenger before 2.0.63 was vulnerable to a directory traversal attack allowing attackers to access sensitive files outside the intended directory.
Product: Output Messenger
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27920
NVD References:
-
https://www.outputmessenger.com/cve-2025-27920/
-
CVE-2025-45322 - kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.
Product: kashipara Online Service Management Portal V1.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45322
NVD References:
CVE-2025-24977 - OpenCTI allows any user with `manage customizations` capability to execute commands on the underlying infrastructure and access internal server side secrets via web-hooks, leading to potential root shell access and further attacks, fixed in version 6.4.11.
Product: OpenCTI platform
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24977
NVD References:
https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-mf88-g2wq-p7qm
CVE-2025-45238 - foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method.
Product: foxcms v1.2.5
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45238
NVD References:
-
https://gist.github.com/chao112122/27010786774f2bb584cc715fb027b95c
-
CVE-2025-4052 - Google Chrome DevTools prior to version 136.0.7103.59 had a low severity vulnerability that could allow a remote attacker to bypass access controls by tricking a user with specific UI gestures.
Product: Google Chrome
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-4052
NVD References:
-
https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html
-
CVE-2025-45607 - An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.
Product: itranswarp v2.19
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45607
NVD References:
CVE-2025-45611 - Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request.
Product: hope-boot v1.0.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45611
NVD References:
CVE-2025-45612 - Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index.
Product: xmall v1.1
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45612
NVD References:
CVE-2025-45615 - Yaoqishan v0.0.1-SNAPSHOT is vulnerable to attackers gaining Admin rights through crafted requests due to incorrect access control in the /admin/ API.
Product: yaoqishan v0.0.1-SNAPSHOT
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45615
NVD References:
CVE-2025-45616 - brcc v1.2.0's /admin/** API has incorrect access control, enabling attackers to gain Admin rights through a crafted request.
Product: brcc v1.2.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45616
NVD References:
CVE-2025-44071 - SeaCMS v13.3 is vulnerable to remote code execution through phomebak.php, enabling attackers to run arbitrary code with a crafted request.
Product: SeaCMS v13.3
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-44071
NVD References:
https://github.com/202110420106/CVE/blob/master/seacms/seacms_rce.md
CVE-2025-44072 & CVE-2025-44074 - SeaCMS v13.3 was discovered to contain SQL injection vulnerabilities.
Product: SeaCMS v13.3
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-44072
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-44074
NVD References:
-
https://github.com/202110420106/CVE/blob/master/seacms/seacms_manage_sql.md
-
https://github.com/202110420106/CVE/blob/master/seacms/seacms_topic_sql.md
CVE-2025-25014 - Kibana is vulnerable to prototype pollution, allowing arbitrary code execution through crafted HTTP requests to machine learning and reporting endpoints.
Product: Kibana
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-25014
NVD References:
https://discuss.elastic.co/t/kibana-8-17-6-8-18-1-or-9-0-1-security-update-esa-2025-07/377868
CVE-2024-12225 - Quarkus is vulnerable to unauthorized access due to default REST endpoints remaining accessible when developers provide custom REST endpoints.
Product: Quarkus quarkus-security-webauthn
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-12225
NVD References:
-
https://access.redhat.com/security/cve/CVE-2024-12225
-
https://bugzilla.redhat.com/show_bug.cgi?id=2330484
CVE-2025-27007 - Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers: from n/a through 1.0.82.
Product: Brainstorm Force SureTriggers
Active Installations: 100,000+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27007
NVD References:
-
-
CVE-2025-3746 - The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation and account takeover in versions 2.0.14 to 2.0.59, allowing unauthenticated attackers to change email addresses and reset passwords.
Product: WordPress OTP-less one tap Sign in plugin
Active Installations: This plugin has been closed as of April 30, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3746
NVD References:
-
https://plugins.trac.wordpress.org/browser/otpless/tags/2.0.59./includes/class-login.php
-
CVE-2025-3918 - The Job Listings plugin for WordPress is vulnerable to Privilege Escalation through unauthenticated attackers elevating their privileges by manipulating user roles.
Product: WordPress Job Listings plugin
Active Installations: This plugin has been closed as of May 1, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3918
NVD References:
-
-
https://wordpress.org/plugins/job-listings/#developers
-
CVE-2025-1909 - The BuddyBoss Platform Pro plugin for WordPress up to version 2.7.01 is vulnerable to authentication bypass through Apple OAuth, allowing unauthenticated attackers to impersonate any user with access to the email.
Product: BuddyBoss Platform Pro plugin for WordPress
Active Installations: Unknown. Update to version 2.7.10, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1909
NVD References:
-
https://www.buddyboss.com/resources/buddyboss-platform-pro-releases/
-
https://www.buddyboss.com/resources/buddyboss-platform-pro-releases/2-7-10/
-
CVE-2025-0855 - The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 5.8.0, allowing unauthenticated attackers to inject a PHP Object and potentially execute harmful actions.
Product: WordPress PGS Core plugin
Active Installations: Unknwon. Update to version 5.9.0, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-0855
NVD References:
-
https://docs.potenzaglobalsolutions.com/docs/ciyashop-wp/changelog/
-
CVE-2025-3844 - The PeproDev Ultimate Profile Solutions plugin for WordPress allows unauthenticated attackers to login as other users, including administrators, due to an Authentication Bypass vulnerability in versions 1.9.1 to 7.5.2.
Product: PeproDev Ultimate Profile Solutions plugin for WordPress
Active Installations: This plugin has been closed as of May 5, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3844
NVD References:
-
https://plugins.trac.wordpress.org/browser/peprodev-ups/tags/7.5.2/login/login.php#L1483
-
https://plugins.trac.wordpress.org/browser/peprodev-ups/tags/7.5.2/login/login.php#L2836
-
CVE-2025-27007 - Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers: from n/a through 1.0.82.
Product: Brainstorm Force SureTriggers
Active Installations: 100,000+
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-27007
NVD References:
-
-
CVE-2025-3746 - The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation and account takeover in versions 2.0.14 to 2.0.59, allowing unauthenticated attackers to change email addresses and reset passwords.
Product: WordPress OTP-less one tap Sign in plugin
Active Installations: This plugin has been closed as of April 30, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3746
NVD References:
-
https://plugins.trac.wordpress.org/browser/otpless/tags/2.0.59./includes/class-login.php
-
CVE-2025-3918 - The Job Listings plugin for WordPress is vulnerable to Privilege Escalation through unauthenticated attackers elevating their privileges by manipulating user roles.
Product: WordPress Job Listings plugin
Active Installations: This plugin has been closed as of May 1, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3918
NVD References:
-
-
https://wordpress.org/plugins/job-listings/#developers
-
CVE-2025-1909 - The BuddyBoss Platform Pro plugin for WordPress up to version 2.7.01 is vulnerable to authentication bypass through Apple OAuth, allowing unauthenticated attackers to impersonate any user with access to the email.
Product: BuddyBoss Platform Pro plugin for WordPress
Active Installations: Unknown. Update to version 2.7.10, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1909
NVD References:
-
https://www.buddyboss.com/resources/buddyboss-platform-pro-releases/
-
https://www.buddyboss.com/resources/buddyboss-platform-pro-releases/2-7-10/
-
CVE-2025-0855 - The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 5.8.0, allowing unauthenticated attackers to inject a PHP Object and potentially execute harmful actions.
Product: WordPress PGS Core plugin
Active Installations: Unknwon. Update to version 5.9.0, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-0855
NVD References:
-
https://docs.potenzaglobalsolutions.com/docs/ciyashop-wp/changelog/
-
CVE-2025-3844 - The PeproDev Ultimate Profile Solutions plugin for WordPress allows unauthenticated attackers to login as other users, including administrators, due to an Authentication Bypass vulnerability in versions 1.9.1 to 7.5.2.
Product: PeproDev Ultimate Profile Solutions plugin for WordPress
Active Installations: This plugin has been closed as of May 5, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3844
NVD References:
-
https://plugins.trac.wordpress.org/browser/peprodev-ups/tags/7.5.2/login/login.php#L1483
-
https://plugins.trac.wordpress.org/browser/peprodev-ups/tags/7.5.2/login/login.php#L2836
-
Sponsors
Short description of the section to provide users context and value of the content being featured in this carousel.
Wiz
Organizations of all sizes and industries use Wiz to rapidly identify and remove the most critical risks in AWS, Azure, GCP, and Kubernetes so they can build faster and more securely.
SANS
SANS Institute
SANS
SANS Institute
Broadcom Inc.
Broadcom Inc. is a global infrastructure technology leader built on 50 years of innovation, collaboration and engineering excellence. With roots based in the rich technical heritage of AT&T/Bell Labs, Lucent and Hewlett-Packard/Agilent, Broadcom focuses on technologies that connect our world. Through the combination of industry leaders Broadcom, LSI, Broadcom Corporation, Brocade, CA Technologies and Symantec, the company has the size, scope and engineering talent to lead the industry into the future.