Skip to main content
CVE-2025-68502 MEDIUM This Month

Authorization Bypass in Crocoblock JetPopup WordPress plugin through version 2.0.20.1 allows attackers to exploit incorrectly configured access control security levels via user-controlled keys, enabling unauthorized access to protected popup content and functionality. EPSS score of 0.04% indicates low exploitation probability despite the authorization flaw; no public exploit code or active exploitation has been identified.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-15199 LOW Monitor

A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

PHP Authentication Bypass File Upload College Notes Uploading System
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy