Skip to main content
CVE-2025-13314 MEDIUM This Month

Unauthenticated attackers can modify plugin settings and create arbitrary filter options in the Filter Plus plugin for WordPress (versions up to 1.1.6) due to missing capability checks on AJAX actions 'filter_save_settings' and 'add_filter_options'. This allows unauthorized data modification with no confidentiality impact but enables attackers to alter product filtering functionality without authentication. The vulnerability has a low EPSS score (0.08%, 23rd percentile) despite network accessibility, indicating limited real-world exploitation likelihood.

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13440 MEDIUM This Month

Premmerce Wishlist for WooCommerce plugin versions up to 1.1.10 fails to enforce authorization checks on the deleteWishlist() function, allowing authenticated Subscriber-level users to delete arbitrary wishlists belonging to other users. The vulnerability stems from missing capability validation rather than authentication bypass; while the CVSS vector indicates unauthenticated access (PR:N), the description specifies Subscriber-level authentication is required, suggesting the vector may reflect the function's accessibility rather than actual authentication bypass. With EPSS of 0.04% and no public exploit code identified, real-world exploitation risk is minimal despite the authorization flaw.

WordPress Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-12883 MEDIUM This Month

Unauthenticated payment bypass in Campay Woocommerce Payment Gateway plugin (versions up to 1.2.2) allows remote attackers to mark orders as successfully completed without actually processing payment, directly resulting in financial loss. The vulnerability stems from insufficient transaction validation in the payment processing workflow, enabling attackers to manipulate order status through the payment gateway interface.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-13972 MEDIUM This Month

Arbitrary file read in WatchTowerHQ WordPress plugin versions up to 3.16.0 allows authenticated administrators with valid access tokens to read sensitive server files via path traversal in the 'wht_download_big_object_origin' parameter. The vulnerability exploits insufficient path validation in the handle_big_object_download_request function, potentially exposing database credentials and authentication keys. No public exploit code or active exploitation has been confirmed at time of analysis.

Path Traversal WordPress
NVD
CVSS 3.1
4.9
EPSS
0.2%
CVE-2025-14467 MEDIUM This Month

Stored Cross-Site Scripting in WP Job Portal plugin for WordPress up to version 2.4.4 allows authenticated attackers with Editor-level access or higher to inject arbitrary JavaScript into job description fields by exploiting explicit whitelisting of the `<script>` tag in the WPJOBPORTAL_ALLOWED_TAGS configuration. The injected scripts execute when users view affected job listings, enabling session hijacking, credential theft, and other malicious activities. Impact is limited to multi-site installations or sites with unfiltered_html disabled. CVSS score of 4.4 reflects the high privilege requirement (PR:H) and high attack complexity (AC:H), though the vulnerability affects a potentially large number of WordPress installations.

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2025-14354 MEDIUM This Month

Cross-Site Request Forgery in Resource Library for Logged In Users WordPress plugin (all versions up to 1.5) allows unauthenticated attackers to perform unauthorized administrative actions including creating, editing, and deleting resources and categories by tricking a site administrator into clicking a malicious link. The vulnerability stems from missing nonce validation on multiple administrative functions. With an EPSS score of 0.02% and low real-world exploitation probability despite the CVSS 4.3 score, this represents a lower-priority vulnerability requiring user interaction and administrative privileges on the target site.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-14065 MEDIUM This Month

Simple Bike Rental WordPress plugin versions up to 1.0.6 allow authenticated subscribers to retrieve sensitive customer booking data due to missing capability checks on the 'simpbire_carica_prenotazioni' AJAX action. Attackers with subscriber-level access can exfiltrate personally identifiable information including names, email addresses, and phone numbers from all booking records. CVSS 4.3 reflects the moderate severity of unauthorized information disclosure without requiring administrative access.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-14074 MEDIUM This Month

Authenticated attackers with Subscriber-level access can duplicate arbitrary WordPress posts via the PDF for Contact Form 7 + Drag and Drop Template Builder plugin (versions up to 6.3.3) due to missing capability checks in the 'rednumber_duplicate' function. This allows disclosure of sensitive content including password-protected and private posts. The vulnerability requires authentication but exploits insufficient privilege validation, creating a post enumeration and information disclosure risk for multi-user WordPress installations. No public exploit code or active exploitation has been confirmed at the time of analysis.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-14170 MEDIUM This Month

Authenticated attackers with WordPress Subscriber-level access and above can modify arbitrary plugin settings in the Vimeo SimpleGallery plugin versions up to 0.2 due to missing authorization checks on the vimeogallery_admin function. The vulnerability allows privilege escalation within WordPress, enabling lower-privileged users to alter plugin configurations they should not have access to. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-12783 MEDIUM This Month

Premmerce Brands for WooCommerce plugin versions up to 1.2.13 allow authenticated attackers with Subscriber-level access to modify brand permalink settings due to a missing capability check in the saveBrandsSettings function. The vulnerability requires only network access and low-privilege authentication, enabling unauthorized data modification of WordPress brand configuration without user interaction.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-10583 LOW Monitor

WP Fastest Cache Premium plugin versions up to 1.7.4 contain a Server-Side Request Forgery (SSRF) vulnerability in the 'get_server_time_ajax_request' AJAX action that allows authenticated Subscriber-level users to send arbitrary web requests originating from the server, potentially enabling reconnaissance and manipulation of internal services. The free version is unaffected. No public exploit code has been identified at time of analysis, with a very low EPSS score of 0.04% indicating minimal real-world exploitation likelihood despite the authenticated attack vector.

WordPress SSRF Authentication Bypass
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-43518 LOW Monitor

Local privilege escalation in Apple's spellcheck API allows authenticated users to inappropriately access files on macOS, iOS, and related platforms through a logic flaw in access controls. Affected versions include macOS Sonoma 14.x and earlier, macOS Sequoia 15.7.2 and earlier, iOS 18.x and earlier, iPadOS 18.x and earlier, and watchOS 11.x and earlier. This vulnerability requires local access and user-level privileges but carries a low EPSS score (0.01%, percentile 3%) indicating minimal real-world exploitation likelihood at present. No public exploit code or active exploitation has been identified.

Apple iOS macOS Information Disclosure Path Traversal
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-43517 LOW Monitor

macOS logging system fails to redact protected user data from log entries, allowing local authenticated applications to access sensitive information through log files across Sequoia, Sonoma, and Tahoe versions. Apple addressed this privacy issue by improving data redaction mechanisms in patched versions (macOS Sequoia 15.7.3, Sonoma 14.8.3, Tahoe 26.2). No public exploit identified at time of analysis, with EPSS exploitation probability at 0.01% (3rd percentile), indicating minimal real-world risk despite local attack vector.

Apple macOS Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-43516 LOW Monitor

Session fixation in macOS Voice Control allows authenticated local users to transcribe another user's activity on the same system, disclosing sensitive information without user interaction. The vulnerability affects macOS Sequoia, Sonoma, and Tahoe and is fixed in versions 15.7.3, 14.8.3, and 26.2 respectively. Real-world risk is minimal due to low EPSS (0.01%), requirement for local access and prior authentication, and the need for Voice Control to be explicitly enabled.

Apple macOS Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-43522 LOW Monitor

Intel-based Mac computers running macOS Sequoia prior to 15.7.3 or macOS Tahoe prior to 26.2 are vulnerable to a cryptographic downgrade attack that allows unprivileged local applications to bypass code-signing restrictions and access sensitive user data. The vulnerability exploits inadequate validation of signed components, enabling information disclosure through JWT or similar signed-data attacks. Active exploitation has not been confirmed, and the extremely low EPSS score (0.01%) indicates minimal real-world exploitation risk despite the local attack vector.

Apple macOS Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-43532 LOW Monitor

Memory corruption in Apple operating systems due to insufficient bounds checking allows local authenticated users to cause denial of service through malicious data processing, affecting iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. The vulnerability requires local access and user interaction, with no public exploit identified; EPSS score of 0.02% indicates minimal real-world exploitation probability despite the assigned CVSS score of 2.8.

Apple iOS macOS Memory Corruption Denial Of Service
NVD
CVSS 3.1
2.8
EPSS
0.0%
CVE-2025-43410 LOW Monitor

Improper cache handling in macOS allows attackers with physical access to recover deleted notes from memory. The vulnerability affects macOS Sequoia (before 15.7.2), macOS Sonoma (before 14.8.2), and macOS Tahoe (before 26.2), exposing sensitive user data through inadequate data sanitization. No public exploit code has been identified, and the extremely low EPSS score (0.02%) reflects the requirement for physical device access, making real-world exploitation unlikely outside of targeted scenarios involving stolen or temporarily compromised hardware.

Apple macOS Information Disclosure
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2025-14568 LOW Monitor

SQL injection in haxxorsid Stock-Management-System up to commit fbbbf213e9c93b87183a3891f77e3cc7095f22b0 allows authenticated remote attackers to execute arbitrary SQL queries via manipulation of the employee_id, id, or admin parameters in model/User.php. The vulnerability has a low CVSS score (2.1) due to limited scope and impact, but carries low but non-zero exploitation probability (EPSS 0.05%). Public exploit code exists and the product is no longer maintained, eliminating vendor-supplied patch availability.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-14569 LOW Monitor

Use-after-free vulnerability in whisper.cpp up to version 1.8.2 affects the read_audio_data function in common-whisper.cpp, allowing local authenticated attackers to trigger memory corruption with limited confidentiality and integrity impact. The flaw requires local access and valid user privileges on the system, with publicly available exploit code currently circulating; however, the extremely low EPSS score (0.03%, 7th percentile) and minimal CVSS severity (1.9) suggest limited real-world exploitability despite public proof-of-concept availability.

Buffer Overflow Denial Of Service
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-40345 CISA Monitor

In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report values beyond the block count derived from info->capacity, letting the driver walk off the end of pba_to_lba[] and corrupt heap memory. Reject PBAs that exceed the computed block count and fail the transfer so we avoid touching out-of-range mapping entries.

Linux Information Disclosure
NVD
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy