CVE-2025-8760

A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64decode of the component fcgiserver. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely...

CVE-2025-8059

The CVE refers to the WordPress B Blocks plugin (versions up to 2.0.6) with a privilege-escalation flaw caused by missing authorization and input validation in the rgfr_registration() function. This allows unauthenticated attackers to create a new account and grant it the administrator role. Publ...