Latest Critical CVEs
Updates on the latest high and critical severity vulnerabilities.
-
CVE-2025-26615 - WeGIA Path Traversal Vulnerability
CVE ID :CVE-2025-26615
Published : Feb. 18, 2025, 9:15 p.m. | 17 hours, 52 minutes ago
Description :WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Path Traversal vulnerability was discovered in the WeGIA application, `examples.php` endpoint. This vulnerability could allow an attacker to gain unauthorized access to sensitive information stored in `config.php`. `config.php` contains information that could allow direct access to the database. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-26604 - Discord Bot Framework Kernel Privilege Escalation Arbitrary Code Execution
CVE ID :CVE-2025-26604
Published : Feb. 18, 2025, 8:15 p.m. | 18 hours, 52 minutes ago
Description :Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submited code execution, this allows user to execute potentially malicious code to perform damage or extract sensitive information. By loading the module containing the following code and run the command, the bot token can be extracted. Then the attacker can load a blocking module to sabotage the bot (DDoS attack) and the token can be used to make the fake bot act as the real one. If the bot has very high privilege, the attacker basically has full control before the user kicks the bot. Any Discord user that hosts Discord-Bot-Framework-Kernel before commit f0d9e70841a0e3170b88c4f8d562018ccd8e8b14 is affected. Users are advised to upgrade. Users unable to upgrade may attempt to limit their discord bot's access via configuration options.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-22663 - Videowhisper Paid Videochat Turnkey Site Path Traversal
CVE ID :CVE-2025-22663
Published : Feb. 18, 2025, 8:15 p.m. | 18 hours, 52 minutes ago
Description :Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper Paid Videochat Turnkey Site allows Path Traversal. This issue affects Paid Videochat Turnkey Site: from n/a through 7.2.12.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-22656 - Oscar Alvarez Cookie Monster PHP File Inclusion Vulnerability
CVE ID :CVE-2025-22656
Published : Feb. 18, 2025, 8:15 p.m. | 18 hours, 52 minutes ago
Description :Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar Alvarez Cookie Monster allows PHP Local File Inclusion. This issue affects Cookie Monster: from n/a through 1.2.2.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-22654 - Kodeshpa Simplified Unrestricted File Upload Vulnerability
CVE ID :CVE-2025-22654
Published : Feb. 18, 2025, 8:15 p.m. | 18 hours, 52 minutes ago
Description :Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-22639 - WooCommerce Distance Rate Shipping SQL Injection
CVE ID :CVE-2025-22639
Published : Feb. 18, 2025, 8:15 p.m. | 18 hours, 52 minutes ago
Description :Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Distance Rate Shipping for WooCommerce allows Blind SQL Injection. This issue affects Distance Rate Shipping for WooCommerce: from n/a through 1.3.4.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-56000 - K Elements Privilege Escalation Vulnerability
CVE ID :CVE-2024-56000
Published : Feb. 18, 2025, 8:15 p.m. | 18 hours, 52 minutes ago
Description :Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements allows Privilege Escalation.This issue affects K Elements: from n/a before 5.4.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-24895 - CIE.AspNetCore.Authentication SAML Signature Forgery
CVE ID :CVE-2025-24895
Published : Feb. 18, 2025, 7:15 p.m. | 19 hours, 52 minutes ago
Description :CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider (IDP): the system that authenticates users and provides identity information (SAML affirmation) to the Service Provider, in essence, is responsible for the management of the credentials and identity of users; 2. Service Provider (SP): the system that provides a service to the user and relies on the Identity Provider to authenticate the user, receives SAML assertions from the IdP to grant access to resources. The library cie-aspnetcore refers to the second entity, the SP, and implements the validation logic of SAML assertions within SAML responses. In affected versions there is no guarantee that the first signature refers to the root object, it follows that if an attacker injects an item signed as the first element, all other signatures will not be verified. The only requirement is to have an XML element legitimately signed by the IdP, a condition that is easily met using the IdP's public metadata. An attacker could create an arbitrary SAML response that would be accepted by SPs using vulnerable SDKs, allowing him to impersonate any Spid and/or CIE user. This issue has been addressed in version 2.1.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-24894 - "SPID.AspNetCore.Authentication SAML Signature Forgery Vulnerability"
CVE ID :CVE-2025-24894
Published : Feb. 18, 2025, 7:15 p.m. | 19 hours, 52 minutes ago
Description :SPID.AspNetCore.Authentication is an AspNetCore Remote Authenticator for SPID. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: Identity Provider (IDP): the system that authenticates users and provides identity information (SAML affirmation) to the Service Provider, in essence, is responsible for the management of the credentials and identity of users; Service Provider (SP): the system that provides a service to the user and relies on the Identity Provider to authenticate the user, receives SAML assertions from the IdP to grant access to resources. The validation logic of the signature is central as it ensures that you cannot create a SAML response with arbitrary assertions and then impersonate other users. There is no guarantee that the first signature refers to the root object, it follows that if an attacker injects an item signed as the first element, all other signatures will not be verified. The only requirement is to have an XML element legitimately signed by the IdP, a condition that is easily met using the IdP's public metadata. An attacker could create an arbitrary SAML response that would be accepted by SPs using vulnerable SDKs, allowing him to impersonate any Spid and/or CIE user. This vulnerability has been addressed in version 3.4.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-51505 - Atos Eviden IDRA Privilege Escalation Vulnerability
CVE ID :CVE-2024-51505
Published : Feb. 18, 2025, 6:15 p.m. | 20 hours, 52 minutes ago
Description :An issue was discovered in Atos Eviden IDRA before 2.7.1. A highly trusted role (Config Admin) could leverage a race condition to escalate privileges.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-39327 - Atos Eviden IDRA Access Control Weakness
CVE ID :CVE-2024-39327
Published : Feb. 18, 2025, 5:15 p.m. | 21 hours, 52 minutes ago
Description :Incorrect Access Control vulnerability in Atos Eviden IDRA before 2.6.1 could allow the possibility to obtain CA signing in an illegitimate way.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13636 - Brooklyn Theme for WordPress PHP Object Injection Vulnerability
CVE ID :CVE-2024-13636
Published : Feb. 18, 2025, 11:15 a.m. | 1 day, 3 hours ago
Description :The Brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.9.2 via deserialization of untrusted input in the ot_decode function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-12860 - CarSpot – Dealership Wordpress Classified Theme WordPress Privilege Escalation Vulnerability
CVE ID :CVE-2024-12860
Published : Feb. 18, 2025, 9:15 a.m. | 1 day, 5 hours ago
Description :The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13556 - "WordPress Affiliate Links PHP Object Injection Vulnerability"
CVE ID :CVE-2024-13556
Published : Feb. 18, 2025, 6:15 a.m. | 1 day, 8 hours ago
Description :The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.1 via deserialization of untrusted input from an file export. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13315 - Shopwarden WooCommerce Cross-Site Request Forgery (CSRF)
CVE ID :CVE-2024-13315
Published : Feb. 18, 2025, 6:15 a.m. | 1 day, 8 hours ago
Description :The Shopwarden – Automated WooCommerce monitoring & testing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.11. This is due to missing or incorrect nonce validation on the save_setting() function. This makes it possible for unauthenticated attackers to update arbitrary options and achieve privilege escalation via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13852 - WordPress Option Editor CSRF
CVE ID :CVE-2024-13852
Published : Feb. 18, 2025, 5:15 a.m. | 1 day, 9 hours ago
Description :The Option Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing nonce validation on the plugin_page() function. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13725 - Keap Official Opt-in Forms WordPress Local File Inclusion Vulnerability
CVE ID :CVE-2024-13725
Published : Feb. 18, 2025, 5:15 a.m. | 1 day, 9 hours ago
Description :The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included. If register_argc_argv is enabled on the server and pearcmd.php is installed, this issue might lead to Remote Code Execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13684 - WordPress Reset Plugin Cross-Site Request Forgery (CSRF) Vulnerability
CVE ID :CVE-2024-13684
Published : Feb. 18, 2025, 5:15 a.m. | 1 day, 9 hours ago
Description :The Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. This is due to missing or incorrect nonce validation on the reset_db_page() function. This makes it possible for unauthenticated attackers to reset several tables in the database like comments, themes, plugins, and more via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2024-13677 - GetBookingsWP WordPress Privilege Escalation Vulnerability
CVE ID :CVE-2024-13677
Published : Feb. 18, 2025, 5:15 a.m. | 1 day, 9 hours ago
Description :The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.27. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2021-46686 - Apache Camailer OS Command Injection
CVE ID :CVE-2021-46686
Published : Feb. 18, 2025, 12:15 a.m. | 1 day, 14 hours ago
Description :Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in acmailer CGI ver.4.0.3 and earlier and acmailer DB ver.1.1.5 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...