CVE-2025-7995
Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit...
Improper Access Control
github.com/mattermost/mattermost-server is vulnerable to Improper Access Control. The vulnerability is due to failing to validate access controls at the time of access, which allows an attacker to read a thread via AI posts...
CVE-2025-56404
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation...
PT-2025-37007
Name of the Vulnerable Software and Affected Versions: Responsive Filterable Portfolio plugin for WordPress versions through 1.0.24 Description: The plugin is susceptible to arbitrary file uploads due to missing file type validation via the HdnMediaSelection image field. This allows authenticated...
PT-2025-36494
Name of the Vulnerable Software and Affected Versions: Doccure theme for WordPress versions through 1.4.8 Description: The Doccure theme for WordPress is susceptible to arbitrary file uploads due to the absence of file type validation within the doccure temp upload to media function. This flaw...
CVE-2025-58439 ERP: Possibility of SQL injection due to missing validation
ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15.0.0 through 15.75.1, lack of validation of parameters left certain endpoints vulnerable to error-based SQL Injection. Some information like version could be retrieved. This issue is fixed in versions...
CVE-2025-58439
CVE-2025-58439 concerns ERP (ERPNext) — an open source ERP. Publicly available details indicate a lack of parameter validation in versions below 14.89.2 and 15.0.0 through 15.75.1, enabling error-based SQL Injection on certain endpoints and potentially leaking version information. The issue is mi...
CVE-2022-38691
In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2022-38691
CVE-2022-38691 concerns a vulnerability in the BootROM where there is a possible missing validation for Certificate Type 0. The documented impact is local escalation of privilege with no additional execution privileges required. The description is consistent across multiple sources (NVD/Red Hat/C...
PT-2025-35462
Name of the Vulnerable Software and Affected Versions: Cisco BootROM affected versions not specified Description: In BootROM, a missing validation check for Certificate Type 0 may allow for local privilege escalation without requiring additional execution privileges. Recommendations: At the momen...
PT-2025-35202
Name of the Vulnerable Software and Affected Versions: Booster for WooCommerce versions up to and including 7.2.4 Description: The Booster for WooCommerce plugin for WordPress is susceptible to arbitrary file uploads due to the absence of file type validation within the add files to order functio...
NULL Pointer Dereference
libtiff is vulnerable to Null Pointer Dereference. The vulnerability is due to lack of validation in the PSLvl2page function of tiff2ps.c, which can trigger a null pointer dereference under specific configurations...
WordPress plugin StoryChief code issue vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin StoryChief file upload vulnerability, the vulnerability stems from the...
WordPress plugin Add User Meta cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Add User Meta plugin, which stems from missing or incorrect validation of random numbers on the "add-user-meta...
WordPress BerqWP plugin file upload vulnerability
WordPress BerqWP plugin is an automated performance optimization plugin for the WordPress platform, which is mainly used to improve website loading speed, Core Web Vitals score and search engine ranking. A file upload vulnerability exists in the WordPress BerqWP plugin, which stems from a missing...
CVE-2025-6207
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpietempalteimport' function in all versions up to, and including, 3.9.28. This makes it possible for authenticated attackers, with Subscriber-level access and above,...
CVE-2025-7443
The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the storejavascriptcache.php file in all versions up to, and including, 2.2.4...
CVE-2025-4370
The Brizy – Page Builder plugin for WordPress is vulnerable to limited file uploads due to missing authorization on processexternalasseturls function as well as missing path validation in storefile function in all versions up to, and including, 2.6.20. This makes it possible for unauthenticated...
CVE-2025-5831
The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the makegooglefontoffline function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...
CVE-2025-7437
The Ebook Store plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ebookstoresaveform function in all versions up to, and including, 5.8012. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...