MAL-2025-191723 Malicious code in fastertelethon (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3ccfc281c2541df7e1354e6de8c64624fdc75dcc229d33962b171b0a95087edf Clone of Telethon package that exfiltrates credentials. See client/telegrambaseclient.py L608-626 exfiltration function and client/auth.py L163 usage. ---...

SUSE CVE-2025-21925

In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver calls ethskbpad, while the skb is shared. Simply replace skbget by...

CVE-2025-31871

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Phishing.This issue affects WP Clone any post type: from n/a through = 3.6...

CVE-2025-31872

Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Clone any post type: from n/a through = 3.6...

DEBIAN-CVE-2025-21925

In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver calls ethskbpad, while the skb is shared. Simply replace skbget by...

UBUNTU-CVE-2025-21925

In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver calls ethskbpad, while the skb is shared. Simply replace skbget by...

CVE-2025-31871

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Phishing.This issue affects WP Clone any post type: from n/a through = 3.6...

CVE-2025-31872

Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Clone any post type: from n/a through = 3.6...

CVE-2025-31871

CVE-2025-31871 corresponds to an Open Redirect vulnerability in the WordPress plugin WP Clone any post type (

CVE-2025-31871 WordPress WP Clone any post type Plugin <= 3.4 - Open Redirect vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Galaxy Weblinks WP Clone any post type allows Phishing. This issue affects WP Clone any post type: from n/a through 3.4...

CVE-2025-31871 WordPress WP Clone any post type Plugin <= 3.6 - Open Redirect vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Phishing.This issue affects WP Clone any post type: from n/a through = 3.6...

CVE-2025-31872

No technical details about CVE-2025-31872 are provided in the connected documents. Initial description mentions a Missing Authorization issue affecting WP Clone any post type (up to 3.4), but there are no confirmed product/version/root‑cause data or fixes in the supplied sources. Monitor for upda...

WordPress plugin WP Clone any post type 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...

PT-2025-14249 · WordPress · Galaxy Weblinks Wp Clone

Name of the Vulnerable Software and Affected Versions: Galaxy Weblinks WP Clone versions n/a through 3.4 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can be used to clone any post...

WordPress plugin WP Clone any post type 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-52986

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcpbpfprots when cloning a listener A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. The variant depends on the socket'...

LibreChat Denial of Service Vulnerability

LibreChat is an enhanced ChatGPT clone. LibreChat suffers from a denial of service vulnerability that can be exploited by an attacker to cause a server crash...

CVE-2025-2478

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...

CVE-2025-2478

CVE-2025-2478 (Code Clone WordPress plugin) describes a time-based SQL Injection via the snippetId parameter in versions

CVE-2025-2478 Code Clone <= 0.9 - Authenticated (Administrator+) SQL Injection via snippetId Parameter

The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible fo...