Top 100 Recent CVEs

CVE-2025-2801 7.3
Published: 2025-04-26T04:15:30.920

What it does:

The "Create custom forms for WordPress with a smart form plugin for smart businesses" plugin has a vulnerability that allows unauthorized users to execute arbitrary shortcodes, which are small pieces of code that perform specific actions, due to a lack of proper validation.

Why it's a problem:

This vulnerability is a problem because it enables attackers to execute malicious code on the WordPress site without needing authentication, potentially leading to data breaches, site takeovers, or other malicious activities.

Steps to mitigate:

  • Update the plugin to a version higher than 1.2.4
  • [Disable the plugin until an update is available]
  • Implement additional security measures such as a Web Application Firewall (WAF) to detect and prevent malicious shortcode executions
  • [Monitor site activity for suspicious behavior and keep backups of important data]
CVE-2025-46333 0
Published: 2025-04-25T21:15:39.577

What it does:

The CVE-2025-46333 vulnerability allows for an out-of-bounds access on the x-axis when using the `z2d.compositor.StrideCompositor.run` function in the z2d graphics library, potentially causing an overflow in the stride length value, which can lead to invalid memory accesses or corruption.

Why it's a problem:

This vulnerability is a problem because it can result in invalid memory accesses or corruption, particularly when compiling in non-safe optimization modes, which can compromise the integrity and stability of the system.

Steps to mitigate:

  • Update to version 0.6.1 or later of the z2d library
  • Avoid using non-safe optimization modes such as `ReleaseFast` or `ReleaseSmall` until the update is applied
  • Verify that all dependent projects and applications are using the updated version of the library.
CVE-2025-32986 0
Published: 2025-04-25T21:15:39.497

What it does:

The CVE-2025-32986 vulnerability allows access to sensitive files in NETSCOUT nGeniusONE versions before 6.4.0 b2350 without requiring proper authentication, specifically at a certain endpoint.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized users to gain access to sensitive information, potentially leading to data breaches, confidentiality losses, and other security issues, as sensitive files are not adequately protected.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • [Verify that all endpoints are properly authenticated and authorized]
  • [Implement additional security measures to protect sensitive files and monitor for unauthorized access]
CVE-2025-32985 0
Published: 2025-04-25T21:15:39.407

What it does:

The NETSCOUT nGeniusONE system, version before 6.4.0 b2350, contains hardcoded credentials that are stored in JAR files, which can be accessed by unauthorized users.

Why it's a problem:

This vulnerability is a problem because hardcoded credentials can be easily obtained by attackers, allowing them to gain unauthorized access to the system, potentially leading to data breaches, system compromise, and other malicious activities.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Change all default and hardcoded credentials to unique, strong passwords
  • Limit access to JAR files and system resources to authorized personnel only
CVE-2025-32984 0
Published: 2025-04-25T21:15:39.320

What it does:

The CVE-2025-32984 vulnerability allows an attacker to inject malicious code into the NETSCOUT nGeniusONE system through a specific POST parameter, which can lead to Stored Cross-Site Scripting (XSS) attacks.

Why it's a problem:

This vulnerability is a problem because it enables attackers to store malicious scripts on the system, which can then be executed by other users, potentially leading to unauthorized access, data theft, or other malicious activities.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Validate and sanitize all user input to prevent malicious code injection
  • Implement a Web Application Firewall (WAF) to detect and prevent XSS attacks
  • Monitor system logs for suspicious activity and respond promptly to potential security incidents
CVE-2025-32983 0
Published: 2025-04-25T21:15:39.243

What it does:

The CVE-2025-32983 vulnerability in NETSCOUT nGeniusONE versions before 6.4.0 b2350 allows an attacker to access technical information through a stack trace, potentially revealing sensitive data about the system.

Why it's a problem:

This vulnerability is a problem because it could allow attackers to gain valuable insights into the system's internal workings, which could be used to plan and execute further attacks, compromising the security and integrity of the system.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Implement access controls to limit who can view stack traces
  • Monitor system logs for suspicious activity related to stack trace access.
CVE-2025-32982 0
Published: 2025-04-25T21:15:39.157

What it does:

The CVE-2025-32982 vulnerability allows unauthorized access to the report module in NETSCOUT nGeniusONE versions before 6.4.0 b2350 due to a broken authorization schema.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access sensitive information and potentially modify or exploit the report module without proper authorization, which can lead to data breaches, system compromise, and other security threats.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Restrict access to the report module until the update is applied
  • Monitor system logs for suspicious activity related to the report module.
CVE-2025-32981 0
Published: 2025-04-25T21:15:39.070

What it does:

The CVE-2025-32981 vulnerability allows local users to exploit insecure permissions on the nGeniusCLI file in NETSCOUT nGeniusONE versions before 6.4.0 b2350.

Why it's a problem:

This vulnerability is a problem because it gives local users unauthorized access to sensitive files, potentially allowing them to modify or extract confidential data, disrupt system operations, or escalate their privileges.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Restrict local user access to the nGeniusCLI file
  • Implement additional security measures to monitor and control file permissions.
CVE-2025-32980 0
Published: 2025-04-25T21:15:38.980

What it does:

The NETSCOUT nGeniusONE system, version before 6.4.0 b2350, has a weak configuration for the sudo command, which allows users to run commands with elevated privileges.

Why it's a problem:

This vulnerability is a problem because it can allow unauthorized users to gain elevated access to the system, potentially leading to unauthorized changes, data breaches, or other malicious activities.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Review and restrict sudo permissions to only necessary users and commands
  • Monitor system logs for suspicious sudo activity
CVE-2025-32979 0
Published: 2025-04-25T21:15:38.883

What it does:

The CVE-2025-32979 vulnerability in NETSCOUT nGeniusONE before version 6.4.0 b2350 allows authenticated users to create arbitrary files on the system.

Why it's a problem:

This vulnerability is a problem because it enables malicious actors with authenticated access to create files that could be used for malicious purposes, such as storing malware, creating backdoors, or overwriting critical system files, potentially leading to system compromise or disruption.

Steps to mitigate:

  • Update NETSCOUT nGeniusONE to version 6.4.0 b2350 or later
  • Restrict authenticated user access to the system
  • Monitor system logs for suspicious file creation activity
  • Implement additional security controls to detect and prevent malicious file uploads.
CVE-2025-28128 0
Published: 2025-04-25T20:15:39.153

What it does:

This vulnerability allows attackers to bypass the One-Time Password (OTP) verification process in Mytel Telecom's Online Account System by sending a specially crafted request, potentially granting unauthorized access to user accounts.

Why it's a problem:

This vulnerability is a problem because it undermines the security measures put in place to protect user accounts, making it easier for attackers to gain unauthorized access and potentially leading to data breaches, identity theft, or other malicious activities.

Steps to mitigate:

  • Update Mytel Telecom Online Account System to the latest version
  • [contact Mytel Telecom support for a patch or fix]
  • [enable additional security measures such as two-factor authentication using a different method]
  • [monitor account activity regularly for suspicious behavior]
CVE-2025-3935 8.1
Published: 2025-04-25T19:15:49.143

What it does:

The CVE-2025-3935 vulnerability allows attackers to inject malicious code into the ViewState of ScreenConnect versions 25.2.3 and earlier, potentially leading to remote code execution on the server if an attacker obtains privileged system level access and compromises the machine keys used to protect ViewState data.

Why it's a problem:

This vulnerability is a problem because it could allow attackers to gain control of the server, potentially leading to unauthorized access, data theft, or other malicious activities, especially since it can be exploited to achieve remote code execution.

Steps to mitigate:

  • Update ScreenConnect to version 2025.4 or later, which disables ViewState and removes dependency on it
  • Ensure that system level access is restricted to authorized personnel to prevent machine key compromise
  • Regularly monitor server activity for signs of malicious code injection or unauthorized access.
CVE-2024-30152 6.5
Published: 2025-04-25T18:15:25.247

What it does:

The HCL SX v21 system uses a weak cryptographic algorithm, allowing an attacker to potentially exploit this weakness and gain unauthorized access to sensitive information, modify data, or cause other negative impacts.

Why it's a problem:

This vulnerability is a problem because it enables attackers to bypass security measures and compromise the confidentiality, integrity, and availability of sensitive data, which can lead to financial loss, reputational damage, and other severe consequences.

Steps to mitigate:

  • Update HCL SX to the latest version with a secure cryptographic algorithm
  • [Implement additional security measures such as encryption and access controls to protect sensitive data]
  • Contact HCL support for guidance on patching and securing the system
  • Regularly monitor the system for suspicious activity and signs of exploitation.
CVE-2025-25775 0
Published: 2025-04-25T17:15:18.020

What it does:

The Codeastro Bus Ticket Booking System v1.0 has a vulnerability that allows an attacker to inject malicious SQL code through the "kodetiket" parameter in the "/BusTicket-CI/tiket/cekorder" endpoint, potentially giving them unauthorized access to sensitive database information.

Why it's a problem:

This vulnerability is a problem because it could allow attackers to extract, modify, or delete sensitive data, disrupt the system's functionality, or even gain control of the entire database, leading to serious security breaches and potential financial losses.

Steps to mitigate:

  • Update the Codeastro Bus Ticket Booking System to a patched version
  • [Implement input validation and sanitization for the "kodetiket" parameter]
  • [Use prepared statements or parameterized queries to prevent SQL injection]
  • [Limit database privileges to the minimum required for the application]
  • [Monitor system logs for suspicious activity and implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
CVE-2025-3928 8.8
Published: 2025-04-25T16:15:27.817

What it does:

The Commvault Web Server has a vulnerability that allows a remote, authenticated attacker to create and execute webshells, potentially taking control of the web server.

Why it's a problem:

This vulnerability is a problem because it enables attackers to compromise the web server, potentially leading to unauthorized access, data breaches, and other malicious activities, which can have severe consequences for the security and integrity of the system.

Steps to mitigate:

  • Update Commvault Web Server to version 11.36.46, 11.32.89, 11.28.141, or 11.20.217 for Windows and Linux platforms
  • Ensure that only authorized and authenticated users have access to the web server
  • Monitor the web server for suspicious activity and signs of compromise, such as unusual login attempts or unfamiliar files and processes.
CVE-2025-2070 5.0
Published: 2025-04-25T16:15:26.180

What it does:

The CVE-2025-2070 vulnerability allows an attacker to read arbitrary files on a system by exploiting an improper XML parsing issue in the FileZ client, which can be triggered when a user visits a specially crafted URL.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to sensitive files on the system, potentially leading to data breaches, leaks of confidential information, or further exploitation of the system.

Steps to mitigate:

  • Update the FileZ client to the latest version
  • [Avoid visiting suspicious or untrusted URLs]
  • Use a web application firewall to filter and block malicious traffic
  • Implement strict access controls and file system permissions to limit damage in case of exploitation.
CVE-2025-2069 5.0
Published: 2025-04-25T16:15:26.020

What it does:

This vulnerability allows an attacker to execute malicious code on a user's system if the user visits a specially crafted URL using the FileZ client.

Why it's a problem:

This is a problem because it enables attackers to run unauthorized code on a user's system, potentially leading to data theft, system compromise, or other malicious activities.

Steps to mitigate:

  • Avoid visiting suspicious links in the FileZ client
  • Keep the FileZ client and operating system up to date with the latest security patches
  • Use a web application firewall or browser extension that provides cross-site scripting protection
  • Be cautious when clicking on links from unknown sources.
CVE-2025-2068 5.0
Published: 2025-04-25T16:15:25.857

What it does:

The CVE-2025-2068 vulnerability allows an attacker to create a crafted URL that, when visited by a local user, can redirect them to an unintended website, potentially leading to information disclosure through the FileZ client.

Why it's a problem:

This vulnerability is a problem because it can be exploited by attackers to trick users into revealing sensitive information or to redirect them to malicious websites, which can lead to further attacks, such as phishing or malware installation.

Steps to mitigate:

  • Update the FileZ client to the latest version
  • [Avoid clicking on suspicious links from untrusted sources]
  • [Use a web application firewall to detect and block malicious URLs]
  • [Monitor user activity for signs of potential exploitation]
CVE-2024-56156 0
Published: 2025-04-25T16:15:25.597

What it does:

The CVE-2024-56156 vulnerability allows attackers to bypass file type validation controls in the Halo website building tool, enabling them to upload malicious files such as executables and HTML files.

Why it's a problem:

This vulnerability is a problem because it can lead to stored cross-site scripting attacks and potentially allow remote code execution, which can compromise the security of the website and its users.

Steps to mitigate:

  • Update Halo to version 2.20.13 or later
  • [Verify that file type validation controls are in place and functioning correctly]
  • [Monitor the website for signs of malicious activity and stored cross-site scripting attacks]
CVE-2021-32601 0
Published: 2025-04-25T16:15:21.360

What it does:

No information is available for this CVE, as the original description was rejected and no details were provided.

Why it's a problem:

The lack of information about this vulnerability makes it difficult to assess its potential impact, but in general, unknown vulnerabilities can be a problem because they can be exploited by attackers before a fix is available.

Steps to mitigate:

  • Monitor official security channels for updates
  • [Check for any upcoming patches or fixes]
  • [Implement general security best practices to reduce the risk of exploitation]
CVE-2025-46618 3.5
Published: 2025-04-25T15:15:40.957

What it does:

This vulnerability allows an attacker to inject malicious code into the Data Directory tab of JetBrains TeamCity, which can lead to a stored Cross-Site Scripting (XSS) attack, potentially executing unwanted actions on the system.

Why it's a problem:

This vulnerability is a problem because it enables attackers to manipulate the system, steal sensitive information, or perform unauthorized actions, compromising the security and integrity of the data and systems managed by JetBrains TeamCity.

Steps to mitigate:

  • Update JetBrains TeamCity to version 2025.03.1 or later
  • Validate and sanitize user input to prevent malicious code injection
  • Implement additional security measures, such as web application firewalls (WAFs) and regular security audits, to detect and prevent similar vulnerabilities.
CVE-2025-46433 4.9
Published: 2025-04-25T15:15:40.480

What it does:

The CVE-2025-46433 vulnerability allows for improper path validation in the loggingPreset parameter in JetBrains TeamCity versions before 2025.03.1, potentially enabling unauthorized access to sensitive files or directories.

Why it's a problem:

This vulnerability is a problem because it could allow attackers to manipulate the loggingPreset parameter to access or modify sensitive data, potentially leading to security breaches or disruptions in the development environment.

Steps to mitigate:

  • Update JetBrains TeamCity to version 2025.03.1 or later
  • Verify that all instances of TeamCity are running the updated version
  • Review system logs for any suspicious activity related to the loggingPreset parameter
CVE-2025-46432 4.3
Published: 2025-04-25T15:15:40.347

What it does:

This vulnerability in JetBrains TeamCity allows base64-encoded credentials to be exposed in build logs, potentially revealing sensitive information.

Why it's a problem:

This is a problem because exposed credentials can be used by unauthorized parties to gain access to sensitive systems, data, or applications, compromising security and potentially leading to further attacks or data breaches.

Steps to mitigate:

  • Update JetBrains TeamCity to version 2025.03.1 or later
  • Review build logs for exposed credentials and remove or encrypt them
  • Implement additional security measures, such as access controls and encryption, to protect sensitive information.
CVE-2025-43862 7.6
Published: 2025-04-25T15:15:39.920

What it does:

The CVE-2025-43862 vulnerability allows normal users to access and modify app orchestration in the Dify platform, even if they are not presented with the option to do so in the web UI, due to a flaw in access control.

Why it's a problem:

This vulnerability is a problem because it enables non-admin users to make unauthorized changes to apps, potentially leading to security breaches, data tampering, or disruption of services, which can have serious consequences.

Steps to mitigate:

  • Update to version 0.6.12 or later
  • Implement role-based access controls (RBAC) to enforce stricter user role permissions
  • Restrict access to app orchestration to only users with admin privileges.
CVE-2025-43016 5.4
Published: 2025-04-25T15:15:39.260

What it does:

The CVE-2025-43016 vulnerability in JetBrains Rider before version 2025.1.2 allows an attacker to overwrite arbitrary files on a system during a remote debug session, using a custom archive unpacker.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to modify sensitive files on a system, potentially leading to data corruption, privilege escalation, or the execution of malicious code, which can compromise the security and integrity of the system.

Steps to mitigate:

  • Update JetBrains Rider to version 2025.1.2 or later
  • [Disable remote debug sessions until the update is applied]
  • [Restrict access to the system to trusted users and networks]
  • [Monitor system files and directories for suspicious activity]
CVE-2025-3647 4.3
Published: 2025-04-25T15:15:38.550

What it does:

This vulnerability in Moodle allows unauthorized users to access cohort data that they should not be able to retrieve, due to a lack of proper access checks.

Why it's a problem:

This is a problem because it can lead to sensitive information being exposed to users who do not have the necessary permissions, potentially compromising user privacy and data security.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply security patches to fix the flaw]
  • Restrict access to cohort data until the update is applied
  • Monitor user activity for suspicious access attempts.
CVE-2025-3645 4.3
Published: 2025-04-25T15:15:38.410

What it does:

This vulnerability allows users to view other users' names and online statuses in Moodle due to insufficient capability checks in a messaging web service.

Why it's a problem:

This vulnerability is a problem because it compromises user privacy by allowing unauthorized access to personal information, potentially leading to social engineering attacks or other malicious activities.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply security patches to fix the insufficient capability checks]
  • Restrict access to the messaging web service until the vulnerability is fixed
  • Monitor user activity for suspicious behavior.
CVE-2025-3644 4.3
Published: 2025-04-25T15:15:38.280

What it does:

This vulnerability allows users to delete course sections in Moodle that they do not have permission to modify, due to a lack of proper checks.

Why it's a problem:

This vulnerability is a problem because it can lead to unauthorized modifications of course content, potentially disrupting the learning environment and causing data loss or inconsistencies.

Steps to mitigate:

  • Update to the latest version of Moodle
  • [Apply the patch provided by Moodle developers]
  • Restrict user permissions to prevent unauthorized access to course sections
  • Monitor course activity for suspicious deletions or modifications.
CVE-2025-3643 5.4
Published: 2025-04-25T15:15:38.147

What it does:

This vulnerability allows an attacker to inject malicious code into a Moodle webpage by manipulating the return URL in the policy tool, potentially leading to a Cross-site scripting (XSS) attack.

Why it's a problem:

This vulnerability is a problem because it could enable an attacker to steal user data, take control of user sessions, or perform unauthorized actions on behalf of the user, compromising the security and integrity of the Moodle platform.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the patch provided by Moodle]
  • [Implement additional input validation and sanitization for return URLs in the policy tool]
  • [Monitor user activity for signs of XSS attacks]
  • Report any suspected vulnerabilities to the Moodle security team.
CVE-2025-3642 8.8
Published: 2025-04-25T15:15:38.013

What it does:

This vulnerability allows remote code execution in the Moodle LMS EQUELLA repository, which means an attacker could potentially execute malicious code on a Moodle site that has the EQUELLA repository enabled.

Why it's a problem:

This is a problem because it gives attackers the ability to run arbitrary code on the site, potentially leading to data breaches, site takeovers, or other malicious activities, and it is particularly concerning since it affects teachers and managers who have elevated privileges.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Disable the EQUELLA repository if not necessary]
  • Restrict access to the EQUELLA repository to only those who need it
  • Monitor site activity for suspicious behavior
  • Apply any additional security patches released by Moodle.
CVE-2025-3641 8.8
Published: 2025-04-25T15:15:37.887

What it does:

This vulnerability allows for remote code execution in the Moodle Learning Management System (LMS) through the Dropbox repository, potentially enabling attackers to execute malicious code on the system.

Why it's a problem:

This vulnerability is a problem because it could allow attackers to gain unauthorized access to the system, steal sensitive data, or disrupt the functioning of the Moodle platform, particularly since it affects teachers and managers who have elevated privileges.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Disable the Dropbox repository plugin until a patch is applied]
  • [Restrict access to the Dropbox repository to only necessary personnel]
  • [Monitor system logs for suspicious activity related to the Dropbox repository]
CVE-2025-3640 4.3
Published: 2025-04-25T15:15:37.757

What it does:

This vulnerability allows a user enrolled in a Moodle course to access personal details, such as full names and profile image URLs, of other users without having the necessary permissions.

Why it's a problem:

This vulnerability is a problem because it compromises the privacy of Moodle users by potentially exposing their personal information to unauthorized individuals, which could lead to identity theft, harassment, or other forms of exploitation.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the patch provided by Moodle developers]
  • Restrict user permissions to the minimum required for their role
  • Monitor user activity for suspicious behavior
  • Implement additional access controls to sensitive user information.
CVE-2025-3638 0
Published: 2025-04-25T15:15:37.640

What it does:

The Moodle Brickfield tool has a flaw that allows a Cross-site request forgery (CSRF) risk because it lacks a necessary token to prevent unauthorized actions when analyzing requests.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to trick a user into performing unintended actions on the Moodle platform, potentially leading to unauthorized access, data modification, or other malicious activities.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the necessary security patch to the Brickfield tool]
  • [Implement additional CSRF protection measures, such as token validation, to prevent unauthorized requests]
  • Monitor user activity for suspicious behavior and take prompt action if necessary.
CVE-2025-3637 3.1
Published: 2025-04-25T15:15:37.510

What it does:

This vulnerability in Moodle allows confidential information that protects against cross-site request forgery (CSRF) attacks to be shared publicly through the site's URL, specifically on edit and delete pages within the mod_data module.

Why it's a problem:

This is a problem because it enables attackers to potentially bypass CSRF protections, allowing them to perform unauthorized actions on behalf of legitimate users, which could lead to data modification or deletion.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the official patch for CVE-2025-3637]
  • [Restrict access to mod_data module edit and delete pages to authorized users only]
  • [Monitor site activity for suspicious requests]
  • [Consider implementing additional CSRF protection measures]
CVE-2025-3636 4.3
Published: 2025-04-25T15:15:37.363

What it does:

This vulnerability allows unauthorized users to access and view RSS feeds in Moodle due to insufficient capability checks, potentially exposing sensitive information.

Why it's a problem:

This vulnerability is a problem because it can lead to unauthorized access to sensitive data, compromising user privacy and potentially allowing malicious actors to gather information that could be used for further attacks.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply security patches to fix the capability check flaw]
  • [Restrict access to RSS feeds until the vulnerability is patched]
  • [Monitor user activity for suspicious access to RSS feeds]
CVE-2025-3635 3.5
Published: 2025-04-25T15:15:37.230

What it does:

This vulnerability in Moodle allows an attacker to duplicate existing tours without logging in, by exploiting a lack of protection against cross-site request forgery (CSRF) attacks.

Why it's a problem:

This is a problem because it enables unauthorized access and modification of Moodle tours, potentially disrupting the learning environment and causing confusion among users.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply security patches to fix CSRF vulnerabilities]
  • Implement additional security measures such as CSRF tokens to protect against similar attacks
  • Monitor Moodle instances for suspicious activity and duplicate tours.
CVE-2025-3628 4.3
Published: 2025-04-25T15:15:37.057

What it does:

This vulnerability allows anonymous assignment submissions in Moodle to be identified through a search function, revealing the identities of students who were intended to remain anonymous.

Why it's a problem:

This vulnerability is a problem because it compromises the anonymity of students, potentially infringing on their privacy and trust in the educational platform, and could have serious consequences in situations where anonymity is crucial, such as in sensitive or high-stakes assessments.

Steps to mitigate:

  • Update to the latest version of Moodle
  • [Apply the patch provided by Moodle]
  • [Configure search settings to exclude anonymous submissions]
  • [Restrict access to search functions for non-admin users]
CVE-2025-3627 4.3
Published: 2025-04-25T15:15:36.927

What it does:

This vulnerability allows certain users to access sensitive information about other students in Moodle before those students have completed the two-factor authentication (2FA) verification process.

Why it's a problem:

This is a problem because it compromises the security and privacy of student information, potentially exposing personal data to unauthorized individuals, even if 2FA is supposed to be in place to protect it.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the security patch provided by Moodle]
  • [Implement additional access controls to sensitive student information]
  • [Monitor user activity for suspicious behavior]
  • [Ensure that all users are aware of and comply with 2FA requirements]
CVE-2025-3625 7.1
Published: 2025-04-25T15:15:36.753

What it does:

This vulnerability allows hackers to access sensitive student information and block students from logging into their accounts, even if they have successfully completed two-factor authentication (2FA).

Why it's a problem:

This vulnerability is a problem because it compromises the security and privacy of student data, and also denies students access to their accounts, potentially disrupting their learning activities.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply security patches to affected systems]
  • [Implement additional authentication measures, such as IP blocking or rate limiting]
  • [Monitor user accounts for suspicious activity]
  • [Notify and educate users about the vulnerability and its potential impact]
CVE-2025-32432 10.0
Published: 2025-04-25T15:15:36.440

What it does:

The CVE-2025-32432 vulnerability allows an attacker to execute remote code on Craft CMS versions 3.0.0-RC1 to 3.9.14, 4.0.0-RC1 to 4.14.14, and 5.0.0-RC1 to 5.6.16, enabling them to run malicious code on the system.

Why it's a problem:

This vulnerability is a significant issue because it enables attackers to gain control over the system, potentially leading to data breaches, malware installation, and other malicious activities, with a high impact and relatively low complexity to exploit.

Steps to mitigate:

  • Update Craft CMS to version 3.9.15 or later
  • Update Craft CMS to version 4.14.15 or later
  • Update Craft CMS to version 5.6.17 or later
  • Avoid using affected versions of Craft CMS until an update can be applied.
CVE-2025-32045 5.3
Published: 2025-04-25T15:15:36.307

What it does:

This vulnerability allows users without necessary permissions to access hidden grades in certain grade reports due to insufficient capability checks in Moodle.

Why it's a problem:

This vulnerability is a problem because it can lead to unauthorized access to sensitive information, potentially compromising student privacy and confidentiality, and undermining the integrity of the grading system.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the patch provided by Moodle developers]
  • Restrict access to grade reports to authorized personnel only
  • Regularly review and monitor system logs for suspicious activity
  • Implement additional security measures to protect sensitive student information.
CVE-2025-32044 7.5
Published: 2025-04-25T15:15:36.170

What it does:

This vulnerability in Moodle allows unauthenticated users to access sensitive user data, including names, contact information, and hashed passwords, through specific API calls that return stack traces.

Why it's a problem:

This is a problem because it exposes private user information, which could be used for identity theft, phishing, or other malicious activities, potentially compromising the security and privacy of users on affected Moodle sites.

Steps to mitigate:

  • Check PHP configuration to ensure zend.exception_ignore_args = 1 is set in the php.ini file to prevent exploitation
  • Update Moodle to the latest version that includes the patch for this vulnerability
  • Restrict access to API calls that could potentially return sensitive user data
  • Monitor site logs for suspicious activity and investigate any unusual stack trace errors.
CVE-2025-28076 0
Published: 2025-04-25T15:15:36.057

What it does:

This vulnerability allows remote attackers who have authentication credentials to inject and execute arbitrary SQL commands in the EasyVirt DCScope and CO2Scope systems by manipulating various parameters in API requests, potentially giving them unauthorized access to sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables attackers to bypass normal security controls, access, modify, or delete sensitive data, and potentially disrupt the operation of the affected systems, leading to data breaches, system compromise, or other malicious activities.

Steps to mitigate:

  • Update EasyVirt DCScope to version 8.6.5 or later
  • Update CO2Scope to version 1.3.5 or later
  • Implement input validation and sanitization for all API request parameters
  • Use Web Application Firewalls (WAFs) to detect and prevent SQL injection attacks
  • Limit user privileges to the minimum required for their roles
  • Monitor system logs for suspicious activity
  • Consider using parameterized queries or prepared statements to prevent SQL injection.
CVE-2025-3634 4.3
Published: 2025-04-25T14:15:22.917

What it does:

This vulnerability allows students to enroll in Moodle courses without completing all required safety checks, including two-step verification processes, enabling premature course sign-ups.

Why it's a problem:

This vulnerability is a problem because it bypasses essential security measures, potentially allowing unauthorized access to courses and sensitive information, which could compromise student data and the overall integrity of the learning environment.

Steps to mitigate:

  • Update Moodle to the latest version
  • [Apply the official patch provided by Moodle]
  • [Implement additional access controls and monitoring to detect unusual enrollment activity]
  • [Notify administrators and instructors to review course enrollments for any suspicious activity]
CVE-2025-28354 0
Published: 2025-04-25T14:15:21.560

What it does:

This vulnerability allows attackers to manipulate the Printer Manager System of Entrust Corp Printer Manager version D3.18.4-3 and below, by sending a specially crafted POST request that can execute a directory traversal, potentially accessing or modifying files outside the intended directory.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access and potential modification of sensitive files and directories, which could lead to data breaches, disruption of printing services, or even lateral movement within the network, compromising the security and integrity of the system.

Steps to mitigate:

  • Update Entrust Corp Printer Manager to a version above D3.18.4-3
  • [Apply patches or fixes provided by Entrust Corp]
  • Implement network segmentation to restrict access to the Printer Manager System
  • [Monitor network traffic for suspicious POST requests]
  • Limit user privileges to minimize potential damage.
CVE-2024-57375 2.4
Published: 2025-04-25T14:15:20.567

What it does:

The CVE-2024-57375 vulnerability allows an attacker with physical access to the Andamiro Pump It Up 20th Anniversary game system to crash the application by performing specific deselect actions.

Why it's a problem:

This vulnerability is a problem because it can be exploited by an attacker to intentionally disrupt the game system, causing a denial of service and potentially resulting in financial losses or inconvenience to the game operators and players.

Steps to mitigate:

  • Update the game system to a version later than 2.08.3
  • Limit physical access to the game system to authorized personnel
  • Monitor the game system for suspicious activity and crashes
  • Implement regular software updates and maintenance to ensure the system remains secure.
CVE-2024-6199 0
Published: 2025-04-25T13:15:43.510

What it does:

This vulnerability allows an unauthenticated attacker to manipulate Dynamic DNS (DDNS) traffic and force a buffer overflow on a modem, potentially giving them control over the device.

Why it's a problem:

This vulnerability is a problem because it could allow an attacker to gain unauthorized access to a modem, potentially leading to further exploitation of the network and connected devices.

Steps to mitigate:

  • Check if Dynamic DNS is enabled on the modem and disable it if not necessary
  • Use a secure and trusted DDNS service
  • Implement network traffic monitoring to detect suspicious activity
  • Keep the modem's firmware up to date with the latest security patches.
CVE-2024-6198 0
Published: 2025-04-25T13:15:42.370

What it does:

This CVE exposes a vulnerability in a device's web interface, specifically in the lighttpd web service running on ports TCP/3030 and TCP/9882, where an attacker can send a specially crafted HTTP request to exploit a stack buffer overflow due to insecure path parsing.

Why it's a problem:

This vulnerability is a problem because it allows an attacker with access to the LAN network interface to potentially gain control of the device by overflowing the buffer, which could lead to unauthorized access, data theft, or disruption of service.

Steps to mitigate:

  • Restrict access to the device's LAN network interface
  • Update the lighttpd web service to a version that is not vulnerable to the stack buffer overflow
  • Implement a web application firewall (WAF) to detect and block malicious HTTP requests
  • Limit access to the web interface to only necessary personnel
  • Regularly monitor the device for suspicious activity.
CVE-2025-3912 5.3
Published: 2025-04-25T12:15:17.243

What it does:

The WS Form LITE plugin for WordPress has a vulnerability that allows unauthorized access to its settings, including API keys, due to a missing capability check in the 'get_config' function.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to read sensitive information, such as API keys for integrated services, which could be used for malicious purposes, including data breaches and unauthorized access to connected services.

Steps to mitigate:

  • Update the WS Form LITE plugin to a version later than 1.10.35
  • [Check the plugin's settings to ensure sensitive information is not exposed]
  • Monitor the website for any suspicious activity related to integrated services
  • [Contact the plugin developer or WordPress support for further guidance and recommendations].
CVE-2025-2986 5.5
Published: 2025-04-25T12:15:17.083

What it does:

The CVE-2025-2986 vulnerability in IBM Maximo Asset Management 7.6.1.3 allows a privileged user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to the execution of malicious scripts.

Why it's a problem:

This vulnerability is a problem because it can lead to credentials disclosure within a trusted session, potentially allowing attackers to gain unauthorized access to sensitive information and systems.

Steps to mitigate:

  • Update IBM Maximo Asset Management to the latest version
  • [Apply security patches provided by IBM]
  • Implement strict input validation and output encoding to prevent malicious code injection
  • Limit user privileges to minimize the potential damage
  • Monitor system logs for suspicious activity and signs of exploitation.
CVE-2025-2470 9.8
Published: 2025-04-25T12:15:16.903

What it does:

The Service Finder Bookings plugin for WordPress has a vulnerability that allows attackers to create an account with any role, including Administrator, when using social login, due to a lack of user role restrictions in the plugin's code.

Why it's a problem:

This vulnerability is a significant issue because it enables unauthenticated attackers to gain administrative access to a WordPress site, potentially leading to unauthorized data access, modification, or deletion, as well as taking control of the entire site.

Steps to mitigate:

  • Update the Service Finder Bookings plugin to a version higher than 5.1
  • [Ensure the Nextend Social Login plugin is not installed or configured, or update it to a version that is not vulnerable]
  • [Restrict user registration to only allow trusted users to register with elevated roles]
  • [Monitor site activity for suspicious account creations or login attempts].
CVE-2024-11917 8.1
Published: 2025-04-25T12:15:16.013

What it does:

The JobSearch WP Job Board plugin for WordPress has a vulnerability that allows unauthenticated attackers to bypass authentication and log in as a connected Xing or Google user under certain conditions: as the first connected Xing user, as any connected Xing user whose Xing ID is known, or as the first connected Google user if that user has not logged out in thirty days.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to user accounts, potentially leading to data breaches, account takeovers, and other malicious activities, which can compromise the security and integrity of the WordPress site and its users.

Steps to mitigate:

  • Update the JobSearch WP Job Board plugin to a version later than 2.8.8
  • [Ensure that all users log out of their Xing and Google accounts after use]
  • [Monitor user activity for suspicious login attempts from unknown or unfamiliar locations]
  • [Consider implementing additional authentication measures, such as two-factor authentication, to provide an extra layer of security].
CVE-2025-1565 7.5
Published: 2025-04-25T10:15:15.557

What it does:

The Mayosis Core plugin for WordPress has a vulnerability that allows unauthorized access to read the contents of any file on the server, due to a flaw in the remote_dl.php file.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access sensitive information stored on the server, such as database credentials, encryption keys, or other confidential data, without needing to authenticate themselves.

Steps to mitigate:

  • Update the Mayosis Core plugin to a version later than 5.4.1
  • [Remove or restrict access to the library/wave-audio/peaks/remote_dl.php file]
  • Implement additional server-side security measures, such as file system access controls and monitoring, to detect and prevent unauthorized file access.
CVE-2025-3870 6.1
Published: 2025-04-25T09:15:14.573

What it does:

The 1 Decembrie 1918 plugin for WordPress has a vulnerability that allows attackers to trick site administrators into performing unintended actions, such as updating settings or injecting malicious scripts, by sending forged requests that appear to come from the administrator.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to gain unauthorized access to a WordPress site's settings and potentially inject malicious code, which could lead to security breaches, data theft, or malware distribution, all without the need for the attacker to have any legitimate credentials.

Steps to mitigate:

  • Update the 1 Decembrie 1918 plugin to a version later than 1.dec.2012
  • [Verify that all WordPress plugins are up-to-date and patched regularly]
  • [Use security plugins or tools that provide Cross-Site Request Forgery protection]
  • [Limit administrator access to trusted devices and networks]
  • [Monitor site activity for suspicious requests or changes to settings]
CVE-2025-1279 8.8
Published: 2025-04-25T09:15:14.063

What it does:

The BM Content Builder plugin for WordPress has a vulnerability that allows authenticated attackers with Subscriber-level access or higher to modify data and update arbitrary options on the site, potentially leading to privilege escalation.

Why it's a problem:

This vulnerability is a problem because it enables attackers to gain administrative access to a vulnerable WordPress site by updating the default role for registration to administrator and enabling user registration, allowing them to create new administrator accounts and take control of the site.

Steps to mitigate:

  • Update the BM Content Builder plugin to a version above 3.16.2.1
  • [Monitor user activity and watch for suspicious account creations]
  • [Limit Subscriber-level access and ensure that all users with such access are trusted]
  • [Consider disabling user registration until the plugin is updated]
CVE-2025-46535 5.4
Published: 2025-04-25T08:15:13.483

What it does:

The CVE-2025-46535 vulnerability allows unauthorized access to the AlphaEfficiencyTeam Custom Login and Registration system due to missing authorization and incorrectly configured access control security levels.

Why it's a problem:

This vulnerability is a problem because it enables attackers to exploit the system's weak security controls, potentially leading to unauthorized data access, modification, or other malicious activities, which can compromise the security and integrity of the system and its users.

Steps to mitigate:

  • Update Custom Login and Registration to the latest version
  • [Verify and correct access control security levels]
  • Implement additional authorization measures to ensure proper access control
  • Monitor system logs for suspicious activity
  • Limit user privileges to necessary levels only.
CVE-2025-46482 6.5
Published: 2025-04-25T08:15:13.320

What it does:

The CVE-2025-46482 vulnerability allows an attacker to inject malicious code into a website using the MyThemeShop WP Quiz plugin, which can lead to Stored Cross-site Scripting (XSS) attacks. This means an attacker can store malicious scripts on the website that will be executed when other users visit the site.

Why it's a problem:

This vulnerability is a problem because it enables attackers to steal user data, take control of user accounts, or perform other malicious actions on the affected website. The severity of this issue is rated 6.5, indicating a moderate to high level of risk.

Steps to mitigate:

  • Update the WP Quiz plugin to a version higher than 2.0.10
  • Validate and sanitize all user input to prevent malicious code injection
  • Implement a Web Application Firewall (WAF) to detect and block XSS attacks
  • Monitor website traffic and user activity for suspicious behavior
  • Keep all other plugins and themes up to date to prevent similar vulnerabilities.
CVE-2025-46617 7.2
Published: 2025-04-25T07:15:48.837

What it does:

The Quantum StorNext Web GUI API has a vulnerability that allows unauthorized access to internal configuration settings and modification of software parameters using undocumented user credentials, affecting various StorNext products.

Why it's a problem:

This vulnerability is a problem because it grants unauthorized users the ability to modify sensitive configuration settings, potentially disrupting the functionality and security of the affected systems, and allowing malicious activities to occur.

Steps to mitigate:

  • Update StorNext RYO to version 7.2.4 or later
  • Update StorNext Xcellis Workflow Director to version 7.2.4 or later
  • Update ActiveScale Cold Storage to a version that includes the patched StorNext Web GUI API
  • Change any potentially compromised user credentials
  • Monitor system logs for suspicious activity related to the StorNext Web GUI API.
CVE-2025-46616 9.9
Published: 2025-04-25T07:15:48.643

What it does:

The CVE-2025-46616 vulnerability allows an attacker to remotely execute arbitrary code on a system by uploading a malicious file to the Quantum StorNext Web GUI API, affecting various StorNext products and ActiveScale Cold Storage.

Why it's a problem:

This vulnerability is a problem because it enables attackers to gain control over the system, potentially leading to data breaches, unauthorized access, and other malicious activities, posing a significant threat due to its high severity score of 9.9.

Steps to mitigate:

  • Update StorNext RYO to version 7.2.4 or later
  • Update StorNext Xcellis Workflow Director to version 7.2.4 or later
  • Update ActiveScale Cold Storage to a version that includes the patched Quantum StorNext Web GUI API
  • Avoid uploading files from untrusted sources
  • Implement additional security measures, such as firewall rules and access controls, to limit access to the vulnerable API.
CVE-2025-3868 6.1
Published: 2025-04-25T07:15:48.473

What it does:

The Custom Admin-Bar Favorites plugin for WordPress has a vulnerability that allows attackers to inject arbitrary web scripts into pages via the 'menuObject' parameter, due to insufficient input sanitization and output escaping, which can be triggered by tricking a user into clicking on a malicious link.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to execute arbitrary scripts on a user's browser, potentially leading to unauthorized actions, data theft, or other malicious activities, all without needing direct access to the WordPress site.

Steps to mitigate:

  • Update the Custom Admin-Bar Favorites plugin to a version higher than 0.1
  • [Verify that input sanitization and output escaping are properly implemented in the plugin]
  • Implement a Web Application Firewall (WAF) to detect and prevent Reflected Cross-Site Scripting attacks
  • Limit user access to the plugin's functionality to trusted individuals only
  • Monitor user activity and website logs for suspicious behavior.
CVE-2025-3867 6.1
Published: 2025-04-25T07:15:48.320

What it does:

The Ajax Comment Form CST plugin for WordPress has a vulnerability that allows attackers to trick site administrators into updating settings and injecting malicious web scripts without their knowledge, due to a lack of proper validation.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to make unauthorized changes to a website's settings, potentially leading to malicious activities such as data theft, malware distribution, or defacement of the website, all by simply tricking an administrator into clicking on a link.

Steps to mitigate:

  • Update the Ajax Comment Form CST plugin to a version higher than 1.2
  • [Verify the authenticity of links and requests before clicking or taking action]
  • [Implement additional security measures such as two-factor authentication and regular website backups]
  • [Monitor website activity for suspicious changes or behavior]
CVE-2025-3866 6.1
Published: 2025-04-25T07:15:48.143

What it does:

The Add Google +1 social share button plugin for WordPress has a vulnerability that allows attackers to trick site administrators into performing unintended actions, such as updating settings or injecting malicious scripts, by sending forged requests.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to manipulate the website's settings and potentially inject malicious code, which could lead to security breaches, data theft, or other harmful consequences, all without needing direct access to the site's administration panel.

Steps to mitigate:

  • Update the Add Google +1 social share button plugin to a version higher than 1.0.0
  • [Implement proper nonce validation on the google-plus-one-share-button page]
  • [Restrict access to the plugin's settings page to authorized administrators only]
  • [Use a web application firewall (WAF) to detect and prevent cross-site request forgery (CSRF) attacks].
CVE-2025-3743 5.3
Published: 2025-04-25T07:15:47.980

What it does:

The Upsell Funnel Builder for WooCommerce plugin for WordPress has a vulnerability that allows attackers to manipulate orders, specifically changing the product associated with an order bump and the discount applied to it, by altering the additional product ID and discount field before the order is processed.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to arbitrarily modify orders, potentially leading to financial losses or other malicious activities, such as changing the price of products or substituting products with others, all without needing to be logged in or having any authorized access.

Steps to mitigate:

  • Update the Upsell Funnel Builder for WooCommerce plugin to a version higher than 3.0.0
  • [Monitor orders and order bumps for suspicious activity]
  • [Implement additional security measures, such as authentication and validation checks, to prevent unauthorized modifications to orders]
  • [Consider reaching out to the plugin developer for further guidance on securing the plugin].
CVE-2025-2238 8.8
Published: 2025-04-25T07:15:47.523

What it does:

The Vikinger theme for WordPress has a vulnerability that allows authenticated attackers with Subscriber-level access or higher to escalate their privileges to Administrator-level due to insufficient user_meta restrictions in the 'vikinger_user_meta_update_ajax' function.

Why it's a problem:

This vulnerability is a problem because it enables attackers to gain high-level access to a WordPress site, potentially allowing them to modify sensitive data, install malware, or take control of the entire site, which can lead to significant security breaches and data losses.

Steps to mitigate:

  • Update the Vikinger theme to a version higher than 1.9.30
  • Restrict Subscriber-level access to sensitive areas of the site
  • Monitor site activity for suspicious behavior and privilege escalations
  • Consider implementing additional security plugins to detect and prevent privilege escalation attacks.
CVE-2025-46613 7.5
Published: 2025-04-25T06:15:46.273

What it does:

The CVE-2025-46613 vulnerability in OpenPLC versions 3 through 64f9c11 causes memory corruption due to a thread accessing certain arguments after they are no longer available, leading to potential system instability or crashes.

Why it's a problem:

This vulnerability is a problem because it can allow an attacker to potentially execute arbitrary code, gain unauthorized access, or disrupt the system's operation, which can have serious consequences in industrial control systems where OpenPLC is often used.

Steps to mitigate:

  • Update OpenPLC to a version later than 64f9c11
  • [Apply patches or fixes provided by the vendor]
  • Implement network segregation and access controls to limit potential attack vectors
  • Monitor system logs for suspicious activity and errors related to the vulnerability.
CVE-2025-3923 5.3
Published: 2025-04-25T06:15:46.117

What it does:

The Prevent Direct Access – Protect WordPress Files plugin has a vulnerability that allows attackers to potentially access sensitive files protected by the plugin, due to the insufficient randomness of generated file names.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to extract sensitive data, including protected files, if they can guess or determine the file name, which could lead to unauthorized access and data breaches.

Steps to mitigate:

  • Update the Prevent Direct Access – Protect WordPress Files plugin to a version higher than 2.8.8
  • [Use alternative security plugins that do not have this vulnerability]
  • Monitor website logs for suspicious activity and potential exploitation attempts
  • Consider implementing additional security measures, such as access controls and encryption, to protect sensitive files.
CVE-2025-3861 5.4
Published: 2025-04-25T06:15:45.957

What it does:

The Prevent Direct Access – Protect WordPress Files plugin has a vulnerability that allows authenticated attackers with Contributor-level access or higher to access and modify the protection status of media files, despite not being authorized to do so.

Why it's a problem:

This vulnerability is a problem because it allows lower-level users to bypass security controls and make changes to sensitive media files, potentially leading to data breaches, unauthorized data modifications, or other malicious activities.

Steps to mitigate:

  • Update the Prevent Direct Access – Protect WordPress Files plugin to a version outside of the vulnerable range (2.8.6 to 2.8.8.2)
  • Monitor user activity and permissions to detect potential unauthorized access
  • Limit Contributor-level access and above to only trusted users
  • Consider implementing additional security measures to protect WordPress media files.
CVE-2025-3511 5.9
Published: 2025-04-25T06:15:45.753

What it does:

This vulnerability allows a remote attacker to send specially crafted UDP packets to certain Mitsubishi Electric Corporation modules, causing a Denial of Service (DoS) condition that disrupts the normal functioning of the products.

Why it's a problem:

This vulnerability is a problem because it enables an unauthenticated attacker to remotely shut down or disrupt the operation of critical systems, potentially leading to downtime, loss of productivity, and other negative consequences, especially in industrial or manufacturing environments where these modules are typically used.

Steps to mitigate:

  • Update to the latest firmware version provided by Mitsubishi Electric Corporation
  • Implement network segmentation to limit access to the affected modules
  • Use firewalls or intrusion detection systems to block suspicious UDP packets
  • Monitor network traffic for signs of malicious activity
  • Apply additional security measures such as authentication and access control to prevent unauthorized access to the modules.
CVE-2025-2580 4.9
Published: 2025-04-25T06:15:45.457

What it does:

The Contact Form by Bit Form plugin for WordPress allows attackers to upload malicious SVG files that can inject arbitrary web scripts into pages, which will execute when a user accesses the file, due to insufficient input sanitization and output escaping.

Why it's a problem:

This vulnerability is a problem because it enables authenticated attackers with Author-level access or higher to inject malicious scripts into pages, potentially leading to unauthorized actions, data theft, or other security breaches when users access the compromised SVG files.

Steps to mitigate:

  • Update the Contact Form by Bit Form plugin to a version above 2.18.3
  • [Limit Author-level access to trusted users]
  • Implement additional input validation and output escaping for SVG file uploads
  • Monitor user activity and page access logs for suspicious behavior.
CVE-2025-0671 0
Published: 2025-04-25T06:15:44.237

What it does:

The Icegram Express WordPress plugin has a flaw that allows high-privilege users, such as admins, to inject malicious code into template settings, potentially leading to Stored Cross-Site Scripting (XSS) attacks.

Why it's a problem:

This vulnerability is a problem because it enables attackers to inject malicious scripts, which can be executed by other users, including those with lower privileges, potentially leading to unauthorized access, data theft, or other malicious activities, even in environments where certain privileges are restricted.

Steps to mitigate:

  • Update the Icegram Express WordPress plugin to version 5.7.50 or later
  • Restrict admin access to trusted users only
  • Monitor website activity for signs of XSS attacks and implement additional security measures, such as web application firewalls (WAFs), to detect and prevent malicious activity.
CVE-2025-46599 6.8
Published: 2025-04-25T05:15:33.330

What it does:

The CNCF K3s version 1.32 before 1.32.4-rc1+k3s1 has a configuration issue that sets the ReadOnlyPort to 10255, potentially allowing unauthenticated access to this port and exposing sensitive credentials.

Why it's a problem:

This vulnerability is a problem because it could allow unauthorized access to sensitive information, including credentials, which could be used for malicious purposes, compromising the security of the system.

Steps to mitigate:

  • Update K3s to version 1.32.4-rc1+k3s1 or later
  • Restrict access to port 10255 by configuring firewall rules or network policies
  • Implement additional authentication and authorization mechanisms to protect sensitive credentials.
CVE-2025-3775 6.5
Published: 2025-04-25T05:15:33.153

What it does:

The ShopLentor WordPress plugin has a vulnerability that allows unauthorized attackers to make requests to any website or server, making it seem like the request is coming from the WordPress site itself, potentially allowing them to access or modify sensitive information on internal services.

Why it's a problem:

This vulnerability is a problem because it enables attackers to bypass normal security restrictions and interact with internal services that are not directly accessible from the internet, which could lead to unauthorized data access, modification, or other malicious activities.

Steps to mitigate:

  • Update the ShopLentor plugin to a version later than 3.1.2
  • [Disable the woolentor_template_proxy function if an update is not available]
  • [Restrict access to the WordPress site and the ShopLentor plugin to only trusted users and networks]
  • [Monitor internal services for suspicious activity and implement additional security measures to prevent unauthorized access]
CVE-2025-3752 6.4
Published: 2025-04-25T05:15:32.830

What it does:

The Able Player plugin for WordPress has a vulnerability that allows attackers to inject malicious scripts into web pages via the 'preload' parameter, due to poor input sanitization and output escaping, affecting all versions up to 1.2.1.

Why it's a problem:

This vulnerability is a problem because it enables authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts that will execute whenever a user accesses the injected page, potentially leading to unauthorized actions, data theft, or other malicious activities.

Steps to mitigate:

  • Update the Able Player plugin to a version above 1.2.1
  • [Restrict Contributor-level access to trusted users]
  • Implement additional input validation and output escaping measures
  • [Monitor website activity for suspicious script injections]
  • Consider using a web application firewall (WAF) to detect and prevent XSS attacks.
CVE-2025-46595 6.4
Published: 2025-04-25T03:15:20.583

What it does:

The CVE-2025-46595 vulnerability is a Cross-Site Scripting (XSS) issue in the Flag module for Backdrop CMS, which allows an attacker to inject crafted HTML into the website when a flag action is performed, potentially executing malicious scripts in other users' browsers.

Why it's a problem:

This vulnerability is a problem because it can allow an attacker to perform unauthorized actions on the website, such as stealing user data or taking control of user accounts, by exploiting the lack of verification of flag links and responses. Although the attacker needs a role with permission to create links on the website, this still poses a significant risk to the security of the website and its users.

Steps to mitigate:

  • Update the Flag module to version 1.x-3.6.2 or later
  • Restrict permissions to create links on the website to trusted users only
  • Monitor the website for suspicious activity and implement additional security measures, such as input validation and output encoding, to prevent XSS attacks.
CVE-2025-46547 5.4
Published: 2025-04-25T03:15:20.430

What it does:

The Sherpa Orchestrator web application is vulnerable to CSRF (Cross-Site Request Forgery) attacks, allowing an attacker to perform unauthorized actions such as conducting XSS (Cross-Site Scripting) attacks, adding new users or roles, or exploiting SQL injection issues.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to manipulate the web application and perform malicious actions without the user's knowledge or consent, potentially leading to data breaches, unauthorized access, or disruption of services.

Steps to mitigate:

  • Update Sherpa Orchestrator to a version that includes CSRF protection
  • [Implement web application firewall (WAF) rules to detect and prevent CSRF attacks]
  • [Configure the web application to use anti-CSRF tokens]
  • [Limit user privileges to minimize the impact of a potential attack]
  • [Monitor the web application for suspicious activity and respond promptly to potential security incidents]
CVE-2025-46546 3.5
Published: 2025-04-25T03:15:20.270

What it does:

The CVE-2025-46546 vulnerability allows an authenticated user to perform multiple time-based blind SQL injections in Sherpa Orchestrator 141851, targeting various API endpoints related to asset, file, process, and task management.

Why it's a problem:

This vulnerability is a problem because it enables an attacker to extract or modify sensitive data from the database, potentially leading to unauthorized access, data breaches, or disruption of services, even if they only have authenticated access to the system.

Steps to mitigate:

  • Update Sherpa Orchestrator to a patched version
  • [Apply input validation and sanitization to prevent malicious SQL injections]
  • [Implement robust authentication and authorization mechanisms to limit user access to sensitive data and API endpoints]
  • [Monitor system logs for suspicious activity and potential SQL injection attempts]
  • [Consider using Web Application Firewalls (WAFs) to detect and prevent SQL injection attacks]
CVE-2025-46545 4.4
Published: 2025-04-25T03:15:20.110

What it does:

The CVE-2025-46545 vulnerability in Sherpa Orchestrator allows an administrator to store a malicious script (a stored cross-site scripting, or XSS, payload) in the system through the license name parameter, which is executed when the license expires.

Why it's a problem:

This vulnerability is a problem because it enables malicious code to be stored and executed within the system, potentially allowing attackers to steal sensitive information, disrupt system operations, or take control of user sessions, even after the initial exploit has occurred.

Steps to mitigate:

  • Update Sherpa Orchestrator to the latest version
  • [Verify that all user input, including license names, is validated and sanitized to prevent XSS attacks]
  • Implement Web Application Firewall (WAF) rules to detect and block XSS payloads
  • [Limit administrator privileges to only necessary personnel]
  • Regularly review and monitor system logs for signs of XSS attacks.
CVE-2025-46544 6.4
Published: 2025-04-25T03:15:19.953

What it does:

The CVE-2025-46544 vulnerability in Sherpa Orchestrator allows a user with low privileges to gain higher-level access by creating new users and roles.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized users to escalate their privileges, potentially giving them control over sensitive systems and data, which could lead to security breaches, data theft, or disruption of services.

Steps to mitigate:

  • Update Sherpa Orchestrator to the latest version
  • [Patch the vulnerability]
  • Restrict user privileges to prevent unauthorized role creation
  • Monitor user activity for suspicious behavior
  • Implement strict access controls to limit user capabilities.
CVE-2025-43865 8.2
Published: 2025-04-25T01:15:43.270

What it does:

The CVE-2025-43865 vulnerability allows an attacker to modify pre-rendered data in React Router versions prior to 7.5.2 by adding a specific header to a request, enabling them to completely spoof the contents and alter the data object passed to the HTML.

Why it's a problem:

This vulnerability is a problem because it enables attackers to manipulate the data displayed on a webpage, potentially leading to security issues such as phishing, data tampering, or other malicious activities, which can compromise user trust and confidentiality.

Steps to mitigate:

  • Update React Router to version 7.5.2 or later
  • Verify that all dependencies are up-to-date to prevent similar vulnerabilities
  • Monitor web application traffic for suspicious request headers to detect potential exploitation attempts.
CVE-2025-43864 7.5
Published: 2025-04-25T01:15:43.117

What it does:

The CVE-2025-43864 vulnerability allows an attacker to force a React application using React Router to switch from Server-Side Rendering (SSR) to Single-Page Application (SPA) mode by adding a specific header to a request, causing a page error that can be cached by the system.

Why it's a problem:

This vulnerability is a problem because it can lead to cache poisoning, where the cached error response is served to users, significantly impacting the application's availability and potentially causing widespread disruption to users.

Steps to mitigate:

  • Update React Router to version 7.5.2 or later
  • Implement caching controls to prevent error responses from being cached
  • Monitor application logs for signs of cache poisoning and take corrective action if necessary
CVE-2025-3606 7.5
Published: 2025-04-25T00:15:15.807

What it does:

The Vestel AC Charger version 3.75.0 contains a vulnerability that allows an attacker to access sensitive files, including those with credentials.

Why it's a problem:

This vulnerability is a problem because it enables attackers to obtain sensitive information, such as credentials, which can be used to further compromise the device and potentially lead to unauthorized access or data breaches.

Steps to mitigate:

  • Update to a patched version of the Vestel AC Charger
  • [Apply security patches and updates regularly]
  • [Use strong passwords and enable multi-factor authentication]
  • [Monitor device activity for suspicious behavior]
  • [Limit access to sensitive files and credentials]
CVE-2025-2185 8.0
Published: 2025-04-25T00:15:15.340

What it does:

The ALBEDO Telecom Net.Time - PTP/NTP clock software release 1.4.4 has a vulnerability that allows an attacker to keep a session active indefinitely, potentially enabling them to transmit sensitive information, such as passwords, over unencrypted connections.

Why it's a problem:

This vulnerability is a problem because it allows attackers to intercept sensitive information, including passwords, which could be used to gain unauthorized access to the system, compromising its security and potentially leading to further malicious activities.

Steps to mitigate:

  • Update to a newer software release that fixes the vulnerability
  • Use encrypted connections to protect sensitive information
  • Implement additional security measures, such as firewall rules and intrusion detection systems, to monitor and block suspicious activity
  • Change passwords and credentials that may have been transmitted over unencrypted connections
  • Limit access to the system to trusted users and networks.
CVE-2025-46275 9.8
Published: 2025-04-24T23:15:15.977

What it does:

This vulnerability allows an attacker to create a new administrator account on affected WGS-80HPT-V2 and WGS-4215-8T2S devices without needing any existing login credentials.

Why it's a problem:

This is a significant issue because it enables unauthorized users to gain full administrative access to the devices, potentially leading to data breaches, system compromise, and other malicious activities.

Steps to mitigate:

  • Update device firmware to the latest version
  • [Apply patches or fixes provided by the manufacturer]
  • [Change default passwords and configure authentication settings to prevent unauthorized access]
  • [Monitor device activity for suspicious behavior]
  • [Implement network segmentation to limit access to affected devices]
CVE-2025-46274 9.8
Published: 2025-04-24T23:15:15.827

What it does:

The UNI-NMS-Lite system uses hard-coded credentials, allowing an unauthenticated attacker to access the managed database and perform actions such as reading, manipulating, and creating entries.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized users to gain control of the database, potentially leading to sensitive data exposure, modification, or deletion, which can have severe consequences for the security and integrity of the system.

Steps to mitigate:

  • Change default credentials to unique and strong passwords
  • [Update UNI-NMS-Lite to the latest version if a patch is available]
  • [Implement additional authentication mechanisms, such as multi-factor authentication, to prevent unauthorized access]
  • [Limit database access to authorized personnel and monitor database activity for suspicious behavior]
  • [Consider conducting a thorough security audit to identify and address any other potential vulnerabilities]
CVE-2025-46273 9.8
Published: 2025-04-24T23:15:15.673

What it does:

The UNI-NMS-Lite system uses fixed, hard-coded login credentials, allowing an unauthorized attacker to potentially gain full administrative access to all devices managed by UNI-NMS.

Why it's a problem:

This vulnerability is a significant issue because it enables an attacker to easily gain control over the entire network of managed devices without needing to guess or crack passwords, posing a substantial risk to the security and integrity of the system.

Steps to mitigate:

  • Change default credentials to unique, strong passwords
  • Implement multi-factor authentication for an additional layer of security
  • Regularly update and patch UNI-NMS-Lite software to ensure any known vulnerabilities are addressed
  • Limit network access to UNI-NMS-Lite to only trusted sources and users.
CVE-2025-46272 9.1
Published: 2025-04-24T23:15:15.513

What it does:

This vulnerability allows an unauthenticated attacker to inject commands into the WGS-80HPT-V2 and WGS-4215-8T2S systems, enabling them to execute operating system commands on the host system.

Why it's a problem:

This is a significant issue because it permits unauthorized access to the system, potentially leading to data breaches, system compromise, and other malicious activities, all without the need for authentication.

Steps to mitigate:

  • Update to the latest firmware version
  • [Apply patches or fixes provided by the manufacturer]
  • Implement network segmentation to limit access to the vulnerable devices
  • Use firewalls and intrusion detection systems to monitor and block suspicious traffic
  • Change default passwords and configure secure authentication mechanisms.
CVE-2025-46271 9.1
Published: 2025-04-24T23:15:15.357

What it does:

The CVE-2025-46271 vulnerability allows an unauthenticated attacker to inject commands into UNI-NMS-Lite, giving them the ability to read or manipulate device data without authorization.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access and alter sensitive device information, potentially disrupting network operations, stealing confidential data, or using the compromised devices for further malicious activities, all without needing any legitimate credentials.

Steps to mitigate:

  • Update UNI-NMS-Lite to the latest patched version
  • Implement strict input validation and sanitization to prevent command injection
  • Restrict access to UNI-NMS-Lite to only trusted and authenticated users
  • Monitor network traffic for suspicious activity
  • Apply additional security measures such as firewalls and intrusion detection systems to detect and prevent command injection attacks.
CVE-2025-3749 6.4
Published: 2025-04-24T23:15:15.200

What it does:

The Breeze Display plugin for WordPress has a vulnerability that allows attackers to inject malicious scripts into pages through the 'cal_size' parameter; the injected script executes whenever a user visits the affected page.

Why it's a problem:

This vulnerability is a problem because it enables authenticated attackers with certain access levels to inject arbitrary web scripts, potentially leading to unauthorized actions, data theft, or other malicious activities on the affected website.

Steps to mitigate:

  • Update the Breeze Display plugin to a version above 1.2.3
  • [Verify that all users with Contributor-level access and above have trusted and secure accounts]
  • Limit access to the website's administrative dashboard to only necessary users
  • [Monitor the website for any suspicious activity and remove any injected scripts if found]
CVE-2025-1294 7.2
Published: 2025-04-24T23:15:14.720

What it does:

The eForm WordPress plugin has a vulnerability that allows attackers to inject malicious scripts into website pages, which will be executed when a user visits the infected page.

Why it's a problem:

This vulnerability is a problem because it enables unauthenticated attackers to inject arbitrary web scripts, potentially leading to unauthorized access, data theft, or other malicious activities, compromising the security and integrity of the website and its users.

Steps to mitigate:

  • Update the eForm plugin to a version later than 4.18.0
  • Verify that input sanitization and output escaping are properly implemented
  • Monitor website traffic and user activity for suspicious behavior
  • Consider implementing a Web Application Firewall (WAF) to detect and prevent similar attacks.
CVE-2025-43861 4.4
Published: 2025-04-24T21:15:24.310

What it does:

The ManageWiki MediaWiki extension has a vulnerability that allows an attacker to inject malicious code into the "Review Changes" dialog, which can then be executed in the context of the attacker's own session, potentially leading to cross-site scripting (XSS) attacks.

Why it's a problem:

This vulnerability is a problem because it can allow an attacker to perform unauthorized actions, steal sensitive information, or take control of the user's session, which can compromise the security and integrity of the wiki and its users.

Steps to mitigate:

  • Update ManageWiki to a version that includes the patch from commit 2f177dc
  • Verify that the "Review Changes" dialog is not rendering any malicious code
  • Limit user privileges to prevent attackers from injecting malicious payloads into the dialog.
CVE-2025-29529 0
Published: 2025-04-24T21:15:24.053

What it does:

The ITC Systems Multiplan/Matrix OneCard platform version 3.7.4.1002 contains a SQL injection vulnerability in the Forgotpassword.aspx component, allowing attackers to inject malicious SQL code.

Why it's a problem:

This vulnerability is a problem because it enables attackers to access, modify, or extract sensitive data from the database, potentially leading to unauthorized access, data breaches, or disruption of the system.

Steps to mitigate:

  • Update to a patched version of the ITC Systems Multiplan/Matrix OneCard platform
  • [Apply input validation and sanitization to the Forgotpassword.aspx component]
  • [Implement a Web Application Firewall (WAF) to detect and prevent SQL injection attacks]
  • [Limit database privileges to the minimum required for the application]
  • [Monitor database activity for suspicious queries and behavior]
CVE-2025-25777 0
Published: 2025-04-24T21:15:23.933

What it does:

The CVE-2025-25777 vulnerability allows an attacker to access another user's profile in the Codeastro Bus Ticket Booking System by changing the user ID in the URL (an insecure direct object reference), bypassing authentication and authorization checks.

Why it's a problem:

This vulnerability is a problem because it enables unauthorized access to sensitive user information, potentially leading to identity theft, data breaches, or other malicious activities, compromising user privacy and system security.

Steps to mitigate:

  • Validate user IDs and implement proper authentication and authorization checks
  • [Update the Codeastro Bus Ticket Booking System to the latest version or patch]
  • [Implement URL parameter encryption and encoding to prevent manipulation]
  • [Use secure session management and token-based authentication to prevent unauthorized access]
  • [Monitor system logs for suspicious activity and implement incident response plans]
CVE-2024-30127 3.2
Published: 2025-04-24T21:15:21.727

What it does:

The CVE-2024-30127 vulnerability allows sensitive data to be cached due to missing "no cache" headers in HCL Leap, which means that confidential information can be stored and potentially accessed by unauthorized parties.

Why it's a problem:

This vulnerability is a problem because it can lead to unauthorized access to sensitive data, compromising the confidentiality and security of the information. If an attacker gains access to the cached data, they may be able to exploit it for malicious purposes.

Steps to mitigate:

  • Implement "no cache" headers in HCL Leap configurations
  • Regularly review and update HCL Leap settings to ensure sensitive data is not cached
  • Use additional security measures, such as encryption and access controls, to protect sensitive data
  • Monitor system logs for potential security breaches and respond promptly to incidents.
CVE-2023-37516 3.2
Published: 2025-04-24T21:15:21.583

What it does:

The CVE-2023-37516 vulnerability allows user directory information in HCL Leap to be cached due to missing "no cache" headers, potentially exposing sensitive data.

Why it's a problem:

This vulnerability is a problem because it enables the caching of sensitive user directory information, which could be accessed by unauthorized parties, compromising user privacy and potentially leading to further security breaches.

Steps to mitigate:

  • Update HCL Leap to the latest version
  • [Configure the application to include "no cache" headers]
  • Implement a web application firewall (WAF) to detect and prevent cache-related attacks
  • Regularly review and update security configurations to ensure sensitive data is properly protected.
CVE-2022-44760 4.6
Published: 2025-04-24T21:15:20.737

What it does:

The CVE-2022-44760 vulnerability allows the execution of unsafe JavaScript in deployed applications due to an unsafe default file type filter policy in HCL Leap.

Why it's a problem:

This vulnerability is a problem because it enables attackers to execute malicious JavaScript code, potentially leading to unauthorized access, data breaches, or other security threats, compromising the security and integrity of the deployed applications.

Steps to mitigate:

  • Update HCL Leap to the latest version
  • [Verify and configure the file type filter policy to only allow safe file types]
  • Implement additional security measures such as input validation and sanitization to prevent malicious code execution
  • Monitor application logs for suspicious activity and respond promptly to potential security incidents.
CVE-2022-44759 4.6
Published: 2025-04-24T21:15:20.603

What it does:

This vulnerability allows an attacker to inject malicious scripts into deployed applications through improperly sanitized SVG files in HCL Leap.

Why it's a problem:

This vulnerability is a problem because it enables client-side script injection, which can lead to unauthorized access, data theft, and other malicious activities, potentially compromising the security and integrity of the affected applications.

Steps to mitigate:

  • Update HCL Leap to the latest version
  • [Patch or fix the improper sanitization of SVG files]
  • Implement input validation and sanitization for all uploaded files
  • Use a Web Application Firewall (WAF) to detect and prevent malicious script injections
  • Regularly monitor application logs for suspicious activity.
CVE-2025-26382 0
Published: 2025-04-24T20:15:31.677

What it does:

The iSTAR Configuration Utility (ICU) tool has a buffer overflow issue under certain circumstances: more data is written to a buffer than it was designed to hold, potentially causing the program to crash or allowing malicious code to be executed.

Why it's a problem:

This vulnerability is a problem because it could allow an attacker to gain unauthorized access to the system, execute malicious code, or cause the system to become unstable, potentially leading to data loss or disruption of service.

Steps to mitigate:

  • Update the iSTAR Configuration Utility (ICU) tool to the latest version
  • [Run a virus scan to detect and remove any potential malware]
  • [Avoid using the ICU tool until a patch is available]
  • [Implement additional security measures such as firewalls and intrusion detection systems to prevent exploitation]
CVE-2025-43859 9.1
Published: 2025-04-24T19:15:47.060

What it does:

The CVE-2025-43859 vulnerability affects the h11 Python library, which implements HTTP/1.1, allowing for request smuggling due to lenient parsing of line terminators in chunked-coding message bodies.

Why it's a problem:

This vulnerability is a problem because it can be exploited to smuggle malicious requests, potentially leading to unauthorized access, data breaches, or other security issues, especially when combined with a buggy proxy server.

Steps to mitigate:

  • Update h11 to version 0.16.0 or later
  • Ensure any reverse proxy servers are updated to the latest version and properly configured
  • Review and test network configurations to identify and address any potential request smuggling vulnerabilities.
CVE-2025-43858 9.2
Published: 2025-04-24T18:15:20.120

What it does:

The CVE-2025-43858 vulnerability allows malicious commands to be injected when using the YoutubeDLSharp wrapper to download videos on Windows, specifically when the `UseWindowsEncodingWorkaround` value is set to true, which is the default behavior for built-in methods.

Why it's a problem:

This vulnerability is a problem because it enables attackers to execute arbitrary commands on a user's system, potentially leading to unauthorized access, data theft, or other malicious activities, especially since the default setting makes it difficult for users to disable the vulnerable behavior.

Steps to mitigate:

  • Update YoutubeDLSharp to version 1.1.2 or later
  • Avoid using built-in methods from the YoutubeDL.cs file that have the `UseWindowsEncodingWorkaround` value set to true
  • Manually set `UseWindowsEncodingWorkaround` to false when possible to prevent command injection until a patch can be applied.
CVE-2025-31324 10.0
Published: 2025-04-24T17:15:35.913

What it does:

The SAP NetWeaver Visual Composer Metadata Uploader vulnerability allows an unauthenticated user to upload malicious executable files to the system without proper authorization.

Why it's a problem:

This vulnerability is a problem because it enables attackers to upload harmful files that can severely damage the host system, compromising its confidentiality, integrity, and availability.

Steps to mitigate:

  • Update SAP NetWeaver to the latest patched version
  • Implement strict access controls and authentication for the Metadata Uploader
  • Monitor system logs for suspicious upload activity
  • Limit network access to the affected system until a patch is applied