Skip to main content
CVE-2025-4336 HIGH POC This Week

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function in all versions up to, and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

WordPress RCE File Upload
NVD GitHub
CVSS 3.1
8.1
EPSS
1.9%
CVE-2025-5129 HIGH POC This Month

A vulnerability has been found in Sangfor 零信任访问控制系统 aTrust 2.3.10.60 and classified as critical. Rated high severity (CVSS 7.3). Public exploit code available and no vendor patch available.

Information Disclosure Atrust
NVD VulDB
CVSS 4.0
7.3
EPSS
0.1%
CVE-2025-5126 HIGH POC THREAT This Month

A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.9%.

Command Injection PHP Flir Ax8 Firmware
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
10.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy