15 matches found
VulnCheck KEV: CVE-2026-25455
Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through = 1.13.61...
CVE-2019-25455 Web Ofisi E-Ticaret v3 SQL Injection via ara.html
Web Ofisi E-Ticaret v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'a' parameter. Attackers can send GET requests to with malicious 'a' parameter values to extract sensitive database information...
CVE-2023-25455
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a...
CVE-2025-25455
creationtimestamp| type| source ---|---|--- 2025-04-17 17:57:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12291 2025-04-17 18:54:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmzrqxopnf2q 2025-04-17 23:01:10+00:00| seen|...
CVE-2025-25455
Tenda AC10 V4.0siV16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2...
CVE-2025-25455
CVE-2025-25455 affects the Tenda AC10 router (V4.0si_V16.03.10.20). A buffer overflow exists in the AdvSetMacMtuWan function when processing wanMTU2 due to improper length checking. Reported impact in CVSS: NETWORK attack, LOW complexity, NONE for confidentiality/integrity, HIGH impact to availab...
CVE-2025-25455
Tenda AC10 V4.0siV16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2...
CVE-2023-25455
CVE-2023-25455 is a Missing Authorization vulnerability in the miniOrange WordPress Social Login and Register plugin (Discord, Google, Twitter, LinkedIn) affecting versions up to 7.6.0. The issue allows unauthenticated actors to perform Arbitrary Content Deletion due to incorrectly configured acc...
CVE-2023-25455 WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.6.0 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in miniOrange WordPress Social Login and Register Discord, Google, Twitter, LinkedIn allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register Discord, Google, Twitter, LinkedIn: from n/a...
WordPress WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Plugin <= 7.6.0 is vulnerable to Arbitrary Content Deletion
Software WordPress Social Login and Register Discord, Google, Twitter, LinkedIn Type Plugin Vulnerable versions = 7.6.0 Fixed in 7.6.1 OWASP Top 10 A5: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2023-25455 Patch priority Low CVSS severity Low 5.3 Developer Claim...
CVE-2022-25455
creationtimestamp| type| source ---|---|--- 2022-03-18 23:22:58+00:00| seen| https://t.me/cibsecurity/39269...
CVE-2022-25455
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function...
CVE-2022-25455
The CVE-2022-25455 entry maps to a stack overflow in the Tenda AC6 SetIpMacBind function, affecting Tenda AC6 v15.03.05.09_multi. The vulnerability arises from the list parameter handling in that function, enabling a stack overflow and, per CNVD/CNNVD entries, potential arbitrary command executio...
CVE-2021-25455
creationtimestamp| type| source ---|---|--- 2021-09-09 22:30:17+00:00| seen| https://t.me/cibsecurity/28627...
CVE-2021-25455
Summary: CVE-2021-25455 is an OOB read vulnerability in the libsaviextractor.so library, reported to affect the pre-SMR Sep-2021 Release 1. The available descriptions state that an attacker could access an arbitrary memory address via a forged AVI file, via a crafted input, with a local attack ve...