CVE-2025-64222

Missing Authorization vulnerability in FantasticPlugins WooCommerce Recover Abandoned Cart rac allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Recover Abandoned Cart: from n/a through = 24.6.0...

[SECURITY] Fedora 43 Update: containernetworking-plugins-1.9.0-1.fc43

Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...

[SECURITY] Fedora 42 Update: containernetworking-plugins-1.9.0-1.fc42

Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...

Fedora: Security Advisory (FEDORA-2025-294d534170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : containernetworking-plugins (2025-294d534170)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-294d534170 advisory. Update to release v1.9.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

Fedora: Security Advisory (FEDORA-2025-bab8cb971e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : containernetworking-plugins (2025-bab8cb971e)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-bab8cb971e advisory. Update to release v1.9.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

CVE-2025-65637 affecting package cni-plugins for versions less than 1.4.0-4

CVE-2025-65637 affecting package cni-plugins for versions less than 1.4.0-4. A patched version of the package is available...

EUVD-2025-204189

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

CVE-2025-64222

Missing Authorization vulnerability in FantasticPlugins WooCommerce Recover Abandoned Cart rac allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Recover Abandoned Cart: from n/a through = 24.6.0...

CVE-2025-58710

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through = 1.4.0...

PT-2025-52169

Missing Authorization vulnerability in FantasticPlugins WooCommerce Recover Abandoned Cart rac allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Recover Abandoned Cart: from n/a through = 24.6.0...

airflow-imaging-plugins (>=2.4.2 <=2.4.3), data-tracking (>=1.7.2 <=1.7.3) +1 more potentially affected by CVE-2025-67895 via apache-airflow (>=1.8.2 <=1.9.0)

apache-airflow PYPI version =1.8.2, =2.4.2, =1.7.2, =0.0.5, =0.0.6 Source cves: CVE-2025-67895 Source advisory: OSV:PYSEC-2025-87...

CVE-2025-14399 Download Plugins and Themes from Dashboard <= 1.9.6 - Cross-Site Request Forgery to Bulk Plugin/Theme Archival

The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.6. This is due to missing or incorrect nonce validation on the downloadpluginbulk and downloadthemebulk functions. This makes it possibl...

CVE-2025-14399

Technical details for CVE-2025-14399 are not publicly provided in the supplied documents; monitor for updates from Wordfence/WordPress vulnerability feeds.

Malicious Package

Overview node-polyfill-webpack-plugins is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

EUVD-2025-203557

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows DOM-Based XSS.This issue affects Document Library Lite: from n/a through = 1.1.7...

EUVD-2025-203558

Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through = 1.1.7...

CVE-2025-67985

Authorization Bypass Through User-Controlled Key vulnerability in Barn2 Plugins Document Library Lite document-library-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Document Library Lite: from n/a through = 1.1.7...

CVE-2025-64243

Missing Authorization vulnerability in e-plugins Directory Pro directory-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directory Pro: from n/a through = 2.5.6...