PHP Local File Inclusion (LFI) vulnerability in magentech Revo versions up to 4.0.26 that allows unauthenticated remote attackers to include and execute arbitrary local files through improper control of filename parameters in PHP include/require statements. An attacker can exploit this to read sensitive files, execute code, or compromise the affected system; the vulnerability requires user interaction (UI:R) but carries high impact across confidentiality, integrity, and availability. While no public exploit code or KEV status is currently confirmed in available intelligence, the combination of network accessibility, high CVSS score (7.5), and file inclusion primitives makes this a notable risk for unpatched Revo installations.
Pion Interceptor versions v0.1.36 through v0.1.38 contain a denial-of-service vulnerability in the RTP packet factory that allows unauthenticated remote attackers to trigger application panics via crafted RTP packets with malformed padding fields. This affects all applications using the Pion interceptor library for RTP/RTCP communication, with no authentication required and low attack complexity. The vulnerability has a CVSS score of 7.5 (High) with availability impact only; no evidence of active exploitation or public POC availability is documented.
Path traversal vulnerability in Spice Blocks (a WordPress plugin by spicethemes) affecting versions through 2.0.7.2 that allows unauthenticated remote attackers to read arbitrary files from the affected server. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector, no authentication required, and high confidentiality impact, making it a significant information disclosure risk for WordPress installations using this plugin.
A path traversal vulnerability (CWE-22) in Holest Engineering's Spreadsheet Price Changer for WooCommerce and WP E-commerce - Light plugin allows unauthenticated remote attackers to read arbitrary files from the server by manipulating file path parameters. The vulnerability affects all versions through 2.4.37 and has a CVSS score of 7.5, indicating high confidentiality impact with no authentication required. Real-world exploitability depends on confirmation of active exploitation status and proof-of-concept availability; the low attack complexity and network accessibility suggest this is a genuine, easily-exploitable threat to affected WordPress installations.
Path traversal vulnerability in LambertGroup CLEVER versions up to 2.6 that allows unauthenticated remote attackers to read arbitrary files from the affected system with high confidentiality impact. The vulnerability requires no user interaction and can be exploited over the network, making it a critical exposure for organizations running vulnerable CLEVER instances. While CVSS 7.5 indicates significant risk, actual exploitation depends on KEV listing status and public POC availability, which should be verified against current threat intelligence feeds.
Path traversal vulnerability in Apptha Slider Gallery versions up to 2.5 that allows unauthenticated remote attackers to read arbitrary files from the affected server by manipulating pathname parameters. The vulnerability has a CVSS score of 7.5 (High) with network-based attack vector requiring no privileges or user interaction, enabling confidentiality compromise of sensitive server files. Current KEV and EPSS status information is not provided in available sources, but the ease of exploitation (AC:L) and absence of authentication requirements significantly elevate real-world risk.
CVE-2025-26468 is an unauthenticated denial-of-service vulnerability in CyberData 011209 Intercom systems that allows remote attackers to disrupt system availability without requiring authentication or user interaction. The vulnerability has a CVSS score of 7.5 (High) with a network attack vector, indicating significant real-world risk from remote exploitation. While active exploitation status and POC availability cannot be confirmed from the provided data, the lack of authentication requirements (PR:N, UI:N) makes this a critical priority for affected organizations.
CyberData 011209 Intercom devices fail to properly store or protect web server administrator credentials, allowing unauthenticated remote attackers to obtain plaintext or weakly protected credentials with high confidence. This vulnerability (CVSS 7.5) affects web-based administrative interfaces and could lead to complete compromise of device configuration and control. No public exploit code or active KEV listing is confirmed at this time, but the vulnerability requires immediate attention due to the critical nature of credential exposure in networked intercom systems.
CVE-2025-48261 is an information disclosure vulnerability in MultiVendorX that allows unauthenticated remote attackers to retrieve sensitive data embedded within sent data through a network-accessible interface. The vulnerability affects MultiVendorX versions up to and including 4.2.22, with a CVSS score of 7.5 indicating high confidentiality impact. While no active KEV or public POC details were provided in the available intelligence, the network-accessible attack vector (AV:N) and lack of privilege requirements (PR:N) make this a material risk for exposed instances.
CVE-2025-31045 is an information disclosure vulnerability in the Elfsight Contact Form widget (versions through 2.3.1) that allows unauthenticated remote attackers to retrieve embedded sensitive data without any user interaction. The vulnerability exposes system information through an unauthorized control sphere, posing a high confidentiality risk with a CVSS score of 7.5. While the specific KEV status and EPSS probability are not provided in available sources, the network-accessible nature (AV:N) with no authentication required (PR:N) and lack of user interaction (UI:N) suggests this is readily exploitable by threat actors.
Missing Authorization (CWE-862) vulnerability in WP Swings Membership For WooCommerce that allows unauthenticated attackers to access functionality not properly constrained by Access Control Lists (ACLs). The vulnerability affects versions up to and including 2.8.1 of this WordPress/WooCommerce plugin, enabling unauthorized users to bypass membership restrictions and potentially access premium features or sensitive membership data without valid credentials. With a CVSS score of 7.5 and a network-accessible attack vector requiring no privileges or user interaction, this represents a significant exposure risk for e-commerce sites relying on this plugin for membership management.
A remote code execution vulnerability in Discourse (CVSS 7.1). High severity vulnerability requiring prompt remediation.
Missing Authorization vulnerability (CWE-862) in the Icegram Collect WordPress plugin versions up to 1.3.18 that allows authenticated attackers with low privileges to exploit misconfigured access controls. An attacker with a valid WordPress user account can modify or delete form data and potentially cause service disruption by leveraging inadequate authorization checks on sensitive operations, with no confidentiality impact but significant integrity and availability risks.
Missing Authorization vulnerability in Fahad Mahmood's Stock Locations for WooCommerce plugin (versions up to 2.8.6) that allows authenticated users with low privileges to perform unauthorized actions including information disclosure and availability disruption. An attacker with basic user credentials can bypass access controls to modify stock locations or trigger denial-of-service conditions due to improper privilege verification. This vulnerability has a CVSS score of 7.1 (High) and affects WooCommerce installations using the vulnerable plugin; KEV status and active exploitation data are not currently confirmed in public advisories.
Reflected Cross-Site Scripting (XSS) vulnerability in the WC MyParcel Belgium WordPress plugin (versions 4.5.5 through beta) that allows unauthenticated attackers to inject arbitrary JavaScript into web pages viewed by users. An attacker can craft a malicious URL to execute scripts in a victim's browser within the context of the affected website, potentially stealing session cookies, performing unauthorized actions, or redirecting users to phishing sites. The CVSS 7.1 score reflects moderate severity with network-based attack vector, no privilege requirements, and user interaction dependency; active exploitation status and POC availability are currently unknown from public sources.
Reflected Cross-Site Scripting (XSS) vulnerability in the SalesUp! Contact Form plugin (versions up to 1.0.14) that allows unauthenticated attackers to inject malicious scripts into web pages viewed by other users. The vulnerability requires user interaction (clicking a malicious link) but can compromise confidentiality, integrity, and availability across security boundaries (CVSS 7.1). There is no indication of active exploitation in the wild or confirmed proof-of-concept at this time based on available intelligence.
A remote code execution vulnerability in moreconvert MC Woocommerce Wishlist allows Reflected XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
A cross-site scripting vulnerability in revmakx Backup and Staging by WP Time Capsule allows Reflected XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
Reflected Cross-Site Scripting (XSS) vulnerability in quitenicestuff Soho Hotel versions through 4.2.5 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by other users. With a CVSS score of 7.1 and network accessibility requiring only user interaction, this vulnerability enables attackers to steal session cookies, perform actions on behalf of victims, or redirect users to malicious sites. The vulnerability affects the hotel management software's input validation during web page generation, creating a reflected XSS attack vector that exploits insufficient output encoding.
A cross-site scripting vulnerability in Sneeit FlatNews allows Reflected XSS (CVSS 7.1). High severity vulnerability requiring prompt remediation.
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup SHOUT versions up to 3.5.3 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by victims. An attacker can craft a malicious URL containing JavaScript payloads that execute in the context of the victim's browser session, potentially stealing session tokens, credentials, or performing actions on behalf of the user. The vulnerability has a CVSS score of 7.1 (High), requires user interaction (clicking a malicious link), and affects network-accessible instances of SHOUT without authentication requirements.
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup Universal Video Player versions up to 3.8.3 that allows unauthenticated attackers to inject arbitrary JavaScript code into web pages viewed by victims. The vulnerability has a CVSS score of 7.1 (High) and affects the popular video player component across multiple web applications. While no public exploit code or KEV listing is indicated in available intelligence, the low attack complexity and user interaction requirement present moderate real-world risk to deployed instances.
Reflected Cross-Site Scripting (XSS) vulnerability in themeton Spare versions up to 1.7 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by users. The vulnerability exists due to improper neutralization of user input during web page generation (CWE-79), enabling attackers to steal session tokens, perform actions on behalf of users, or redirect users to malicious sites. With a CVSS score of 7.1 and network-based attack vector requiring no special privileges, this vulnerability poses a moderate-to-significant risk to any organization deploying Spare.
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup's Sticky Radio Player that allows unauthenticated attackers to inject malicious scripts into web pages through improper input sanitization. Versions 3.4 and earlier are affected, enabling attackers to execute arbitrary JavaScript in victims' browsers with user interaction. While the CVSS score of 7.1 indicates medium-to-high severity with potential for session hijacking and credential theft, real-world exploitability depends on KEV status, proof-of-concept availability, and deployment prevalence of this niche WordPress plugin.
Reflected Cross-Site Scripting (XSS) vulnerability in redqteam's Wishlist plugin affecting versions up to 2.1.0. An unauthenticated attacker can craft malicious URLs containing unfiltered input that executes arbitrary JavaScript in a victim's browser when clicked, potentially leading to session hijacking, credential theft, or malware distribution. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector requiring user interaction; current KEV/EPSS status and active exploitation details are not provided in available intelligence.
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup Revolution Video Player versions up to 2.9.2 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by victims. The vulnerability has a CVSS score of 7.1 (High) with network-based attack vector requiring user interaction, enabling attackers to steal session tokens, redirect users, or perform actions on behalf of victims. Without confirmation of active exploitation (KEV status) or public proof-of-concept, this represents a moderate real-world threat dependent on deployment prevalence and user interaction feasibility.
Reflected Cross-Site Scripting (XSS) vulnerability in LambertGroup Universal Video Player versions up to 1.4.0 that allows unauthenticated attackers to inject malicious scripts into web pages viewed by users. The vulnerability has a CVSS score of 7.1 (High) with a network-based attack vector requiring user interaction. While the exact EPSS and KEV status cannot be confirmed from provided data, the reflected XSS classification and accessible attack surface suggest moderate-to-high real-world exploitation likelihood, particularly if POC code becomes available.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in nanbu Welcart e-Commerce allows Path Traversal. This issue affects Welcart e-Commerce: from n/a through 2.11.13.
An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.
CVE-2025-47711 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.
Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CryptoCloud - Crypto Payment Gateway: from n/a through 2.1.2.
A security vulnerability in Missing Authorization vulnerability in relentlo StyleAI (CVSS 6.5) that allows accessing functionality not properly constrained. Remediation should follow standard vulnerability management procedures.
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty.
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's users, including the user himself by sending a POST request to /PC/Options.aspx?Command=2&Page=-1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in click5 History Log by click5 allows Stored XSS. This issue affects History Log by click5: from n/a through 1.0.13.
FastGPT is an open-source project that provides a platform for building, deploying, and operating AI-driven workflows and conversational agents. The Sandbox container (fastgpt-sandbox) is a specialized, isolated environment used by FastGPT to safely execute user-submitted or dynamically generated code in isolation. The sandbox before version 4.9.11 has insufficient isolation and inadequate restrictions on code execution by allowing overly permissive syscalls, which allows attackers to escape the intended sandbox boundaries. Attackers could exploit this to read and overwrite arbitrary files and bypass Python module import restrictions. This is patched in version 4.9.11 by restricting the allowed system calls to a safer subset and additional descriptive error messaging.
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/irc/server/servers/RFC2813/parseMessage.js. The manipulation of the argument line leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The manipulation leads to inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named 4454ebbdc7719016bf80ca0f34859ce5cee9f6b0. It is recommended to apply a patch to fix this issue.
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-details.php. The manipulation of the argument assignto leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the argument cid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipulation of the argument itr_no leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement.
CVE-2025-5877 is a security vulnerability (CVSS 6.3). Risk factors: public PoC available.