Skip to main content
CVE-2025-60730 HIGH POC This Week

Arbitrary file deletion in PerfreeBlog 4.0.11 lets attackers remove files outside the intended theme directory by abusing the unInstallTheme theme-management function. Publicly available exploit code exists, though the flaw is not on CISA KEV and carries a low EPSS score (0.31%, 22nd percentile), indicating limited real-world exploitation to date. The CVSS 3.1 vector (PR:N/UI:R) implies an unauthenticated attacker who tricks an interacting user into triggering the deletion, consistent with a CSRF-style delivery against an administrator.

Information Disclosure Perfreeblog
NVD GitHub
CVSS 3.1
7.6
EPSS
0.3%
CVE-2025-11253 CRITICAL Act Now

Unauthenticated SQL injection in Aksis Technology Netty ERP versions prior to V.1.1000 allows remote attackers to manipulate backend database queries with full confidentiality, integrity, and availability impact (CVSS 9.8). The flaw is rooted in improper neutralization of special elements in SQL commands (CWE-89), and no public exploit has been identified at time of analysis, though the Turkish national CSIRT (USOM) has issued a public bulletin tracking this issue.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-60729 MEDIUM POC This Month

Arbitrary file read in PerfreeBlog v4.0.11 allows unauthenticated remote attackers to read files outside the intended web root by bypassing path validation in the validThemeFilePath function. The vulnerability is network-exploitable with no authentication or user interaction required, and a public proof-of-concept is documented on GitHub. No active exploitation has been confirmed by CISA KEV, and the EPSS score of 0.33% suggests limited observed exploitation activity despite the POC's existence.

Buffer Overflow Perfreeblog
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2025-12028 HIGH This Week

Cross-Site Request Forgery in WordPress IndieAuth plugin (all versions ≤4.5.4) enables unauthenticated attackers to force authenticated users to authorize malicious OAuth applications, leading to account takeover with full administrative privileges (create, update, delete scopes). Missing nonce validation on login_form_indieauth() and the /wp-login.php?action=indieauth authorization endpoint allows attackers to steal authorization codes and exchange them for access tokens. CVSS 8.8 (High) with network attack vector and low complexity. EPSS data not available; no confirmed active exploitation (CISA KEV) or public exploit code identified at time of analysis. Patch released in version 4.5.5.

WordPress Microsoft CSRF PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-60735 HIGH This Week

Arbitrary file upload in PerfreeBlog 4.0.11 lets an authenticated user abuse the installPlugin function to upload malicious files, likely enabling web shell deployment and remote code execution on the blog server. A public technical write-up with proof-of-concept exists on GitHub, though the flaw is not listed in CISA KEV and carries a low EPSS score (0.28%, 20th percentile), indicating no confirmed widespread exploitation yet.

File Upload Perfreeblog
NVD GitHub
CVSS 3.1
7.6
EPSS
0.3%
CVE-2025-60731 HIGH This Week

Arbitrary file upload in PerfreeBlog v4.0.11 lets an authenticated attacker abuse the installTheme function to upload malicious files (e.g. a web shell), typically resulting in server-side code execution and full compromise of the blog host. The flaw is a classic unrestricted-upload issue (CWE-434) reachable over the network by a low-privileged authenticated user; publicly available exploit code exists in the form of a GitHub write-up, though EPSS exploitation probability remains low (0.28%, 20th percentile) and it is not listed in CISA KEV.

File Upload Perfreeblog
NVD GitHub
CVSS 3.1
7.6
EPSS
0.3%
CVE-2025-11145 HIGH This Week

Information disclosure in CBK Soft enVision before version 250566 allows remote unauthenticated attackers to perform account footprinting by observing response discrepancies, enabling enumeration of valid user accounts and exposure of private personal information. No public exploit identified at time of analysis, and EPSS scoring (0.04%, 14th percentile) indicates very low near-term exploitation probability despite the High CVSS rating of 7.5.

Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-11889 HIGH This Week

Arbitrary file upload in AIO Forms (WordPress plugin) through version 1.3.18 enables authenticated administrators to upload malicious files and execute arbitrary code on the server. The vulnerability stems from insufficient file type validation in the plugin's import functionality (CWE-434). While requiring administrator-level access (CVSS PR:H), this represents a privilege escalation risk in compromised or multi-admin environments and could enable persistent backdoor installation. No public exploit identified at time of analysis, and exploitation requires high-privilege credentials, limiting immediate mass-exploitation risk.

WordPress File Upload RCE
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2025-56438 MEDIUM This Month

The firmware update mechanism in Nous W3 Smart WiFi Camera v1.33.50.82 fails to verify the authenticity or integrity of update archives, enabling a physically proximate unauthenticated attacker to escalate privileges to root by inserting a crafted update.tar on a FAT32 SD card. Full device compromise (C:H/I:H/A:H) is achievable with no authentication and low attack complexity once physical access is obtained. No public exploit has been confirmed via CISA KEV, and the EPSS score of 0.14% (3rd percentile) reflects the limited exploitation probability imposed by the physical access prerequisite.

Privilege Escalation
NVD GitHub
CVSS 3.1
6.8
EPSS
0.1%
CVE-2025-10748 MEDIUM This Month

SQL injection in RapidResult WordPress plugin versions up to 1.2 allows authenticated attackers with contributor-level permissions to extract sensitive database information via insufficient escaping of the 's' parameter. The vulnerability affects all versions through 1.2 and requires valid WordPress account credentials, limiting exposure to sites where user registration is enabled or internal contributors exist.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-60419 MEDIUM This Month

Denial of service in the Realtek NDIS Usermode IO driver (RtkIOAC60.sys v6.0.5600.16348) on Windows allows a local authenticated attacker to crash or hang the driver by sending a specially crafted IOCTL request to the device. The root cause is uncontrolled resource consumption (CWE-400), meaning the driver fails to properly validate or bound input from the IOCTL, leading to availability loss. No public exploit code or active exploitation has been identified at time of analysis; EPSS sits at the 4th percentile, reflecting minimal observed scanning or exploitation activity.

Denial Of Service
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2025-10749 MEDIUM This Month

Arbitrary media deletion in Microsoft Azure Storage for WordPress plugin versions up to 4.5.1 allows authenticated subscribers and above to delete any media files from the WordPress Media Library due to missing capability checks on the 'azure-storage-media-replace' AJAX action. The vulnerability requires access to a nonce that is exposed to all authenticated users, enabling low-privilege attackers to perform unauthorized file deletion with no user interaction required. No public exploit code has been identified at the time of analysis.

WordPress Microsoft Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-10902 MEDIUM This Month

Originality.ai AI Checker plugin for WordPress allows authenticated attackers with Subscriber-level access to delete all scan result data from the wp_originalityai_log database table due to missing capability checks on the ai_scan_result_remove function in versions up to 1.0.15. The vulnerability enables unauthorized data loss affecting post titles, scan scores, and credit usage records; exploitation requires only standard WordPress authentication and no user interaction.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-10901 MEDIUM This Month

Originality.ai AI Checker WordPress plugin versions up to 1.0.16 allow authenticated Subscriber-level users to read sensitive data from the wp_originalityai_log database table due to missing capability checks on the 'ai_get_table' AJAX function. An attacker with basic WordPress account privileges can access post titles, scan scores, credit usage, and other logged information without authorization. No public exploit code or active exploitation has been confirmed at time of analysis.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-40022 Monitor

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Commit 1b34cbbf4f01 ("crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg") changed some fields from bool to 1-bit bitfields of type u32. However, some assignments to these fields, specifically 'more' and 'merge', assign values greater than 1. These relied on C's implicit conversion to bool, such that zero becomes false and nonzero becomes true. With a 1-bit bitfields of type u32 instead, mod 2 of the value is taken instead, resulting in 0 being assigned in some cases when 1 was intended. Fix this by restoring the bool type.

Information Disclosure Linux
NVD
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy