1395 matches found
CVE-2025-12095 Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval
The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.8. This is due to missing nonce validation on the role requests admin page handler in the includes/display-role-admin.php file. This makes it possible...
CVE-2025-12095 Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval
The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.8. This is due to missing nonce validation on the role requests admin page handler in the includes/display-role-admin.php file. This makes it possible...
GO-2025-3985 kcp is missing update validation allows arbitrary LogicalCluster status patches through initializingworkspaces Virtual Workspace in github.com/kcp-dev/kcp
kcp is missing update validation allows arbitrary LogicalCluster status patches through initializingworkspaces Virtual Workspace in github.com/kcp-dev/kcp...
Hono 授权问题漏洞
Hono is a web framework written in TypeScript from the Hono community. An authorization issue vulnerability exists in Hono versions 1.1.0 through prior to 4.10.2, which stems from the lack of built-in audience validation options in the JWT Auth Middleware, and could lead to token obfuscation and...
CVE-2025-10700
CVE-2025-10700 concerns the WordPress plugin Ally – Web Accessibility & Usability (versions up to 3.8.0). The issue is Cross-Site Request Forgery caused by missing/incorrect nonce validation in enable_unfiltered_files_upload, allowing unauthenticated attackers to trick an admin into enabling unfi...
CVE-2025-10312
The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation when processing form submissions in the theme-importer.php file. This makes it possible for unauthenticated attackers to trigger...
CVE-2025-10300
The TopBar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the fmenbtopbarsavesettings function. This makes it possible for unauthenticated attackers to update the plugin's settin...
EUVD-2025-34572
The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Editor-level access and above, to uploa...
PT-2025-42261
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the sun4i can driver within the Linux kernel where a missing check in the ndo change mtu function allows an attacker to configure an invalid MTU. This can be exploited b...
Simple Food Ordering System editproduct.php File SQL Injection Vulnerability
Simple Food Ordering System is a simple food ordering system. The Simple Food Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Category in the file /editproduct.php. An attacker can exploit...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal via the unpack function during the artifact extraction due to the lack of header.Name validation in the said function. An attacker can create or overwrite arbitrary files within system directories by supplying a...
CVE-2025-56747
Creativeitem Academy LMS up to and including 5.13 contains a privilege escalation vulnerability in the Apiinstructor controller where regular authenticated users can access instructor-only functions without proper role validation, allowing unauthorized course creation and management...
GHSA-J44M-5V8F-GC9C Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
Summary The ReadFileTool in Flowise does not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read arbitrary files from the file system, potentially leading to remote command execution. Details Flowise supports providing ReadFileTool for large models to...
CVE-2025-61925 Astro's `X-Forwarded-Host` is reflected with no validation
Astro is a web framework. Prior to version 5.14.2, Astro reflects the value in X-Forwarded-Host in output when using Astro.url without any validation. It is common for web servers such as nginx to route requests via the Host header, and forward on other request headers. As such as malicious reque...
CVE-2025-61925 Astro's `X-Forwarded-Host` is reflected with no validation
Astro is a web framework. Prior to version 5.14.2, Astro reflects the value in X-Forwarded-Host in output when using Astro.url without any validation. It is common for web servers such as nginx to route requests via the Host header, and forward on other request headers. As such as malicious reque...
CVE-2025-60268
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of file checking in the saveFiles function in /jeewms/cgUploadController.do. An attacker with normal privileges was able to upload a malicious file that would lead to remote code execution...
CVE-2025-11616
A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest...
EUVD-2025-33752
A missing validation check in FreeRTOS-Plus-TCP's UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in the packet header. This issue only affects applications using IPv6. We recommend upgrading to the...
CVE-2025-11617 Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP
A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...
CVE-2025-0038
In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality...