Latest Critical CVEs

• CVE-2025-36754 - Authentication bypass on web interface

  CVE ID :CVE-2025-36754
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The authentication mechanism on web interface is not properly implemented. It is possible to bypass authentication checks by crafting a post request with new settings since there is no session token or authentication in place. This would allow an attacker for instance to point the device to an arbitrary address for domain name resolution to e.g. facililitate a man-in-the-middle (MitM) attack.
  Severity: 9.3 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-36753 - SWD Interface Open on Growatt ShineLan-X

  CVE ID :CVE-2025-36753
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extracting secrets or domains from within the device
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-36752 - Undocumented backup Account and No Password Configuration Capability

  CVE ID :CVE-2025-36752
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials which allows significant level access to the device, such as allowing any attacker to access the Setting Center. This means that this is effectively backdoor for all devices utilizing a Growatt ShineLan-X communication dongle.
  Severity: 9.4 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-36751 - Missing encryption on Local Configuration Interface or Cloud Endpoint Communication - Growatt MIC3300TL-X and ShineLan-X

  CVE ID :CVE-2025-36751
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X. This allows an attacker with access to the network to intercept and potentially manipulate communication requests between the inverter and its cloud endpoint.
  Severity: 9.4 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-36750 - Stored cross site scripting (XSS) vulnerability in Growatt ShineLan-X

  CVE ID :CVE-2025-36750
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A HTML payload will be displayed on the plant management page via a direct post. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.
  Severity: 8.5 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-36748 - Stored Cross-Site Scripting (XSS) vulnerability in Growatt ShineLan-X

  CVE ID :CVE-2025-36748
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-36747 - Hardcoded FTP Credentials within the firmware

  CVE ID :CVE-2025-36747
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmware signature verification is not enforced.
  Severity: 9.4 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14476 - Doubly (Subscriber+) PHP Object Injection via ZIP File Import

  CVE ID :CVE-2025-14476
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.46 via deserialization of untrusted input from the content.txt file within uploaded ZIP archives. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to execute arbitrary code, delete files, retrieve sensitive data, or perform other actions depending on the available gadgets. This is only exploitable by subscribers, when administrators have explicitly enabled that access.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14475 - Extensive VC Addons for WPBakery page builder ame' Parameter

  CVE ID :CVE-2025-14475
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.1 via the `extensive_vc_get_module_template_part` function. This is due to insufficient path normalization and validation of the user-supplied `shortcode_name` parameter in the `extensive_vc_init_shortcode_pagination` AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files via the `shortcode_name` parameter.
  Severity: 8.1 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14440 - JAY Login & Register ookie

  CVE ID :CVE-2025-14440
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authentication checking in the 'jay_login_register_process_switch_back' function with the 'jay_login_register_process_switch_back' cookie value. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14397 - Postem Ipsum n to Authenticated (Subscriber+) Privilege Escalation in postem_ipsum_generate_users

  CVE ID :CVE-2025-14397
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to Privilege Escalation due to a missing capability check on the postem_ipsum_generate_users() function in all versions up to, and including, 3.0.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary user accounts with the administrator role.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-13094 - WP3D Model Import Viewer itrary File Upload

  CVE ID :CVE-2025-13094
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_import_file() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
  Severity: 8.8 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-11693 - Export WP Page to Static HTML & PDF e

  CVE ID :CVE-2025-11693
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 through publicly exposed cookies.txt files containing authentication cookies. This makes it possible for unauthenticated attackers to cookies that may have been injected into the log file if the site administrator triggered a back-up using a specific user role like 'administrator.'
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-10738 - URL Shortener Plugin For WordPress

  CVE ID :CVE-2025-10738
  Published : Dec. 13, 2025, 4:16 p.m. | 9 hours, 18 minutes ago
  Description :The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to SQL Injection via the ‘analytic_id’ parameter in all versions up to, and including, 3.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-13970 - OpenPLC_V3 Cross-Site Request Forgery

  CVE ID :CVE-2025-13970
  Published : Dec. 13, 2025, 1:15 a.m. | 1 day ago
  Description :OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of proper CSRF validation. This issue allows an unauthenticated attacker to trick a logged-in administrator into visiting a maliciously crafted link, potentially enabling unauthorized modification of PLC settings or the upload of malicious programs which could lead to significant disruption or damage to connected systems.
  Severity: 8.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-67750 - Lightning Flow Scanner is Vulnerable to Code Injection via Unsafe Use of new Function() in APIVersion Rule

  CVE ID :CVE-2025-67750
  Published : Dec. 12, 2025, 9:15 p.m. | 1 day, 4 hours ago
  Description :Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new Function() to evaluate expression strings, enabling an attacker to supply a malicious expression within rule configuration or crafted flow metadata. This could compromise developer machines, CI runners, or editor environments. This issue is fixed in version 6.10.6.
  Severity: 8.4 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2024-58316 - Online Shopping System Advanced 1.0 SQL Injection via Payment Success Parameter

  CVE ID :CVE-2024-58316
  Published : Dec. 12, 2025, 9:15 p.m. | 1 day, 4 hours ago
  Description :Online Shopping System Advanced 1.0 contains a SQL injection vulnerability in the payment_success.php script that allows attackers to inject malicious SQL through the unfiltered 'cm' parameter. Attackers can exploit the vulnerability by sending crafted SQL queries to retrieve sensitive database information by manipulating the user ID parameter.
  Severity: 8.7 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-8083 - Vuetify Prototype Pollution via Preset options

  CVE ID :CVE-2025-8083
  Published : Dec. 12, 2025, 8:15 p.m. | 1 day, 5 hours ago
  Description :The Preset configuration https://v2.vuetifyjs.com/en/features/presets  feature of Vuetify is vulnerable to Prototype Pollution https://cheatsheetseries.owasp.org/cheatsheets/Prototype_Pollution_Prevention_Cheat_Sheet.html  due to the internal 'mergeDeep' utility function used to merge options with defaults. Using a specially-crafted, malicious preset can result in polluting all JavaScript objects with arbitrary properties, which can further negatively affect all aspects of the application's behavior. This can lead to a wide range of security issues, including resource exhaustion/denial of service or unauthorized access to data. If the application utilizes Server-Side Rendering (SSR), this vulnerability could affect the whole server process. This issue affects Vuetify versions greater than or equal to 2.2.0-beta.2 and less than 3.0.0-alpha.10. Note: Version 2.x of Vuetify is End-of-Life and will not receive any updates to address this issue. For more information see here https://v2.vuetifyjs.com/en/about/eol/ .
  Severity: 8.6 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14572 - UTT 进取 512W formWebAuthGlobalConfig memory corruption

  CVE ID :CVE-2025-14572
  Published : Dec. 12, 2025, 8:15 p.m. | 1 day, 5 hours ago
  Description :A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
  Severity: 9.0 | HIGH
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...

• CVE-2025-14373 - Google Chrome Android Domain Spoofing Vulnerability

  CVE ID :CVE-2025-14373
  Published : Dec. 12, 2025, 8:15 p.m. | 1 day, 5 hours ago
  Description :Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
  Severity: 9.8 | CRITICAL
  Visit the link for more details, such as CVSS details, affected products, timeline, and more...