CVE Feeds
Latest Critical CVEs
Updates on the latest high and critical severity vulnerabilities.
CVE-2025-6990 - Kallyas (Contributor+) Remote Code Execution
CVE ID: CVE-2025-6990
Published: Nov. 1, 2025, 8:15 a.m.
Description: The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.0 via the `TH_PhpCode` pagebuilder widget. This is due to the theme not restricting access to the code editor widget for non-administrators. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.
Severity: 8.8 | HIGH
CVE-2025-6574 - Service Finder Bookings Privilege Escalation via Account Takeover
CVE ID: CVE-2025-6574
Published: Nov. 1, 2025, 7:15 a.m.
Description: The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and excluding, 6.1. This is due to the plugin not properly validating a user's identity prior to updating their details such as the email address. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary users' email addresses, including those of administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 8.8 | HIGH
CVE-2025-12171 - RESTful Content Syndication 1.1.0 - 1.5.0 - Authenticated (Contributor+) Arbitrary File Upload
CVE ID: CVE-2025-12171
Published: Nov. 1, 2025, 7:15 a.m.
Description: The RESTful Content Syndication plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ingest_image() function in versions 1.1.0 to 1.5.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. This requires that the attacker have access to a defined third-party server as specified in the settings, so it is unlikely to be exploitable by Contributor-level users and more likely to be exploited by administrators, who also have access to the plugin's settings.
Severity: 8.8 | HIGH
CVE-2025-11755 - Delicious Recipes (Contributor+) Arbitrary File Upload
CVE ID: CVE-2025-11755
Published: Nov. 1, 2025, 7:15 a.m.
Description: The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file uploads when importing recipes via CSV in all versions up to, and including, 1.9.0. This flaw allows an attacker with at least Contributor-level permissions to upload a malicious PHP file by providing a remote URL during the recipe import process, leading to Remote Code Execution (RCE).
Severity: 8.8 | HIGH
CVE-2025-11499 - Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent
CVE ID: CVE-2025-11499
Published: Nov. 1, 2025, 7:15 a.m.
Description: The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_featured_image_from_external_url() function in all versions up to, and including, 1.1.32. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may make remote code execution possible in configurations where unauthenticated users have been provided with a method for adding featured images and the workflow trigger is created.
Severity: 9.8 | CRITICAL
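Three of the WordPress entries above (CVE-2025-12171, CVE-2025-11755 and CVE-2025-11499) share one root cause: the plugin fetches a file from a caller-supplied URL and writes it into the uploads directory without checking what it fetched. The following is an added example, not code from any of those plugins or from Wordfence (their code is PHP and is not reproduced here), showing the checks a practitioner would expect around such an import: refuse non-http(s) and internal-address URLs, take the extension only from an allowlist, require the body's magic bytes to match that extension, and store under a server-generated name so the attacker's filename never reaches disk. The hostnames and byte strings are constructed samples.

```python
"""Hardened validation for a "fetch image from remote URL" import.
Added example; the fetch itself is left to the caller, this module validates
the URL before the fetch and the bytes after it.  Hostnames and byte strings
used with it are constructed samples."""
import ipaddress
import os
import secrets
from typing import Optional
from urllib.parse import urlparse

# Extension allowlist mapped to the magic bytes the body must start with.
# The extension is read from the URL path, but it only selects which
# signature to require; it is never reused as the stored filename.
ALLOWED_SIGNATURES = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}
MAX_BYTES = 10 * 1024 * 1024


class UploadRejected(ValueError):
    """Raised with a short reason when the import must not proceed."""


def url_is_acceptable(url: str) -> bool:
    """Only http(s) with a hostname.  Literal non-global IPs (loopback,
    RFC 1918, link-local such as 169.254.169.254) are refused so the importer
    cannot be aimed at internal services.  A DNS name that resolves to an
    internal address is not covered here; resolve and re-check before fetching."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        return ipaddress.ip_address(parts.hostname).is_global
    except ValueError:  # not an IP literal, so a hostname
        return True


def extension_from_url(url: str) -> str:
    """Final extension of the last path component, lowercased ('' if none).
    'shell.php.jpg' yields 'jpg'; the earlier '.php' is harmless because the
    stored name never contains the attacker's filename."""
    name = os.path.basename(urlparse(url).path)
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def validate_fetched_image(url: str, body: bytes, token: Optional[str] = None) -> str:
    """Return the server-side filename to store `body` under, or raise UploadRejected.
    `token` exists only so tests get a deterministic name; production callers omit it."""
    if not url_is_acceptable(url):
        raise UploadRejected("url not allowed")
    ext = extension_from_url(url)
    if ext not in ALLOWED_SIGNATURES:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if len(body) > MAX_BYTES:
        raise UploadRejected("too large")
    if not body.startswith(ALLOWED_SIGNATURES[ext]):
        raise UploadRejected("body does not match declared type")
    # Server-generated name: attacker-chosen names never reach disk.
    return f"{token or secrets.token_hex(16)}.{ext}"


def is_rejected(url: str, body: bytes) -> bool:
    """Convenience predicate for tests and logging."""
    try:
        validate_fetched_image(url, body, token="probe")
    except UploadRejected:
        return True
    return False
```

The magic-byte check stops a bare PHP file, not a polyglot (a valid JPEG with PHP appended), so the stored extension and the uploads directory's "no script execution" rule are what actually keep a fetched file from running; the check above is the layer that makes the attacker-controlled name irrelevant.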
CVE-2025-5949 - Service Finder Bookings Privilege Escalation via change_candidate_password
CVE ID: CVE-2025-5949
Published: Nov. 1, 2025, 5:16 a.m.
Description: The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's identity prior to processing a password change request. This makes it possible for authenticated attackers with Subscriber-level access or higher to reset other users' passwords, including those of administrators.
Severity: 8.8 | HIGH
CVE-2025-11833 - Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App
CVE ID: CVE-2025-11833
Published: Nov. 1, 2025, 4:15 a.m.
Description: The Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the __construct function in all versions up to, and including, 3.6.0. This makes it possible for unauthenticated attackers to read arbitrary logged emails sent through the Post SMTP plugin, including password reset emails containing password reset links, which can lead to account takeover.
Severity: 9.8 | CRITICAL
CVE-2025-11920 - WPCOM Member (Contributor+) Local File Inclusion via Shortcode
CVE ID: CVE-2025-11920
Published: Nov. 1, 2025, 2:15 a.m.
Description: The WPCOM Member plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.14 via the action parameter in one of its shortcodes. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php files can be uploaded and included.
Severity: 8.8 | HIGH
CVE-2025-64349 - ELOG user profile missing authorization
CVE ID: CVE-2025-64349
Published: Oct. 31, 2025, 7:15 p.m.
Description: ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration.
Severity: 8.8 | HIGH
CVE-2025-64348 - ELOG configuration file authorization bypass
CVE ID: CVE-2025-64348
Published: Oct. 31, 2025, 7:15 p.m.
Description: ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow shell commands or self-registration.
Severity: 9.3 | CRITICAL
CVE-2025-62618 - ELOG file upload stored XSS
CVE ID: CVE-2025-62618
Published: Oct. 31, 2025, 7:15 p.m.
Description: ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or crack the password hash offline. In the ELOG 3.1.5-20251014 release, HTML files are rendered as plain text.
Severity: 8.6 | HIGH
CVE-2025-29270 - Deep Sea Electronics DSE855 Unauthenticated Remote Command Execution
CVE ID: CVE-2025-29270
Published: Oct. 31, 2025, 4:15 p.m.
Description: Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics DSE855 devices v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device.
Severity: 10.0 | CRITICAL
CVE-2025-12553 - Server Certificate Verification Disabled
CVE ID: CVE-2025-12553
Published: Oct. 31, 2025, 4:15 p.m.
Description: Email server certificate verification is disabled. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Severity: 10.0 | CRITICAL
CVE-2025-12509 - Scripts for the module Global_Shipping executable on BRAIN2 Server
CVE ID: CVE-2025-12509
Published: Oct. 31, 2025, 4:15 p.m.
Description: An admin user on a client can implement a Global_Shipping script. The script could later be executed on the BRAIN2 server with administrator rights.
Severity: 8.4 | HIGH
CVE-2025-12508 - Unencrypted communication to Active Directory services
CVE ID: CVE-2025-12508
Published: Oct. 31, 2025, 4:15 p.m.
Description: When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.
Severity: 8.4 | HIGH
CVE-2025-12507 - Insecure service configuration – unquoted path
CVE ID: CVE-2025-12507
Published: Oct. 31, 2025, 4:15 p.m.
Description: The Bizerba Communication Server (BCS) service has an unquoted service path. Due to the way Windows searches for the executable of the BCS service, malicious programs can be executed.
Severity: 8.8 | HIGH
CVE-2025-12357 - International Standards Organization ISO 15118-2 Improper Restriction of Communication Channel to Intended Endpoints
CVE ID: CVE-2025-12357
Published: Oct. 31, 2025, 4:15 p.m.
Description: By manipulating the Signal Level Attenuation Characterization (SLAC) protocol with spoofed measurements, an attacker can stage a man-in-the-middle attack between an electric vehicle and chargers that comply with the ISO 15118-2 part. This vulnerability may be exploitable wirelessly, within close proximity, via electromagnetic induction.
Severity: 8.3 | HIGH
CVE-2025-64389 - EXCHANGE OF SENSITIVE INFORMATION IN CLEAR TEXT
CVE ID: CVE-2025-64389
Published: Oct. 31, 2025, 3:15 p.m.
Description: The web server of the device performs exchanges of sensitive information in clear text through an insecure protocol.
Severity: 8.3 | HIGH
CVE-2025-64388 - Denial of service through specific packets
CVE ID: CVE-2025-64388
Published: Oct. 31, 2025, 3:15 p.m.
Description: Denial of service of the web server through specific requests to this protocol.
Severity: 9.2 | CRITICAL
CVE-2025-64385 - INCORRECT SECURITY VALIDATION IN SENDING UDP FRAMES
CVE ID: CVE-2025-64385
Published: Oct. 31, 2025, 3:15 p.m.
Description: The equipment can initially be configured using the manufacturer's application, over Wi-Fi, through the web server or with the manufacturer's software. Using the manufacturer's software, the device can be configured via UDP. Analysis of this communication shows that any aspect of the initial configuration can be changed by supplying the device's MAC address, without any authentication.
Severity: 9.2 | CRITICAL
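The WordPress entries above state their affected ranges in three phrasings: "up to, and including, X" (CVE-2025-6990, CVE-2025-11755, CVE-2025-11499, CVE-2025-5949, CVE-2025-11833, CVE-2025-11920), "up to, and excluding, X" (CVE-2025-6574), and "versions A to B" (CVE-2025-12171). Deciding whether an installed plugin is affected means parsing those phrasings and comparing versions numerically rather than as strings (4.9.1 is older than 4.24.0). The block below is an added example for that triage step, not code from the feed's publisher, Wordfence or NVD. The advisory sentences are quoted from the entries above; the plugin slugs and the installed-version inventory are constructed sample data.

```python
"""Triage: is an installed WordPress plugin/theme version inside an
advisory's affected range?  Added example, not code from the feed's
publisher, Wordfence or NVD.  Range sentences are quoted from the feed
entries; slugs and the inventory are constructed sample data."""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# The three range phrasings used in the feed descriptions.
INCLUSIVE_UPTO = re.compile(r"up to,? and including,? (\d[\d.]*)")
EXCLUSIVE_UPTO = re.compile(r"up to,? and excluding,? (\d[\d.]*)")
BETWEEN = re.compile(r"versions? (\d[\d.]*) to (\d[\d.]*)")


def parse_version(text: str) -> Version:
    """'4.24.0' -> (4, 24, 0).  Parsing stops at the first non-numeric
    component, so '1.9.0-beta' becomes (1, 9, 0) and a trailing '.' from the
    end of a sentence is ignored."""
    parts: List[int] = []
    for piece in text.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def cmp_versions(a: Version, b: Version) -> int:
    """Three-way compare with zero padding, so (6, 1) == (6, 1, 0)."""
    width = max(len(a), len(b))
    a, b = a + (0,) * (width - len(a)), b + (0,) * (width - len(b))
    return (a > b) - (a < b)


def affected_range(description: str) -> Optional[Tuple[Optional[str], str, bool]]:
    """(low or None, high, high_is_inclusive), or None if no phrasing matched."""
    m = INCLUSIVE_UPTO.search(description)
    if m:
        return None, m.group(1), True
    m = EXCLUSIVE_UPTO.search(description)
    if m:
        return None, m.group(1), False
    m = BETWEEN.search(description)
    if m:
        return m.group(1), m.group(2), True
    return None


def is_affected(installed: str, description: str) -> Optional[bool]:
    """True/False when the description carries a parseable range.  None means
    "triage by hand": an unparsed range must not be read as "not affected"."""
    rng = affected_range(description)
    if rng is None:
        return None
    low, high, inclusive = rng
    v = parse_version(installed)
    if low is not None and cmp_versions(v, parse_version(low)) < 0:
        return False
    c = cmp_versions(v, parse_version(high))
    return c <= 0 if inclusive else c < 0


# slug -> (CVE, range sentence quoted from the feed).  Slugs are assumed.
ADVISORIES: Dict[str, Tuple[str, str]] = {
    "kallyas": ("CVE-2025-6990",
                "vulnerable to Remote Code Execution in all versions up to, "
                "and including, 4.24.0 via the `TH_PhpCode` pagebuilder widget."),
    "service-finder-bookings": ("CVE-2025-6574",
                                "vulnerable to privilege escalation via account takeover in all "
                                "versions up to, and excluding, 6.1."),
    "restful-content-syndication": ("CVE-2025-12171",
                                    "missing file type validation in the ingest_image() function in "
                                    "versions 1.1.0 to 1.5.0."),
}


def triage(inventory: Dict[str, str]) -> List[Tuple[str, str, str, Optional[bool]]]:
    """inventory: slug -> installed version.  Returns one row per advisory that
    names an installed slug: (CVE, slug, installed, affected?)."""
    rows = []
    for slug, installed in sorted(inventory.items()):
        if slug in ADVISORIES:
            cve, text = ADVISORIES[slug]
            rows.append((cve, slug, installed, is_affected(installed, text)))
    return rows
```

A `None` result is deliberate: a description whose range the parser does not recognise should surface for manual review rather than disappear from the list, and an "up to, and excluding" advisory means the stated version is the fixed one, not the last affected one.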
Information
Vortech Consulting is a network security and design consulting firm originally founded in 1997. Over our nearly 30 year history we have provided security services and products for a wide variety of companies around the globe.