CVE-2025-12865

creationtimestamp| type| source ---|---|--- 2025-11-10 03:01:51+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m5an2ehh7324 2025-11-10 03:51:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5apsrr3s42b 2025-11-10 06:25:17+00:00| seen|...

CVE-2025-12177

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...

SUSE CVE-2016-11067

An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang...

CVE-2025-12915

creationtimestamp| type| source ---|---|--- 2025-11-09 00:32:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m55ub5ba3k2w 2025-11-09 00:55:18+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m55vizwzit22 2025-11-09 01:32:02+00:00| seen|...

WordPress Auto Prune Posts plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Prune Posts versions = 3.0.0...

CVE-2025-12098

creationtimestamp| type| source ---|---|--- 2025-11-08 10:22:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m54er2ull22n 2025-11-08 11:45:17+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m54je5qqr6j2...

CVE-2025-12399

creationtimestamp| type| source ---|---|--- 2025-11-08 09:57:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m54decrjo62x 2025-11-08 10:31:57+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m54fbdz55z2d 2025-11-08 11:45:53+00:00| seen|...

EUVD-2025-38361

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...

CVE-2025-12064

creationtimestamp| type| source ---|---|--- 2025-11-08 05:45:25+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m53vaozrn3k2 2025-11-08 05:47:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m53veejglz2k...

CVE-2025-12177

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...

CVE-2025-12177

CVE-2025-12177 affects the WordPress Download Manager plugin (versions ≤ 3.3.30). The root cause is a hardcoded Cron key that enables unauthenticated triggering of deleteExpired() and clearTempDataCPCron(). This can lead to deletion of expired posts and clearing of cache. The vulnerability is con...

CVE-2025-12177 Download Manager <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs...

CVE-2025-64488

creationtimestamp| type| source ---|---|--- 2025-11-08 02:28:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m53kaf3sfy2b 2025-11-08 02:57:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m53luswwvn2u 2025-11-08 03:11:09+00:00| seen|...

CVE-2025-63687

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

PT-2025-45551

Name of the Vulnerable Software and Affected Versions WordPress Download Manager plugin versions prior to 3.3.31 Description The WordPress Download Manager plugin contains a flaw due to a hardcoded Cron key used in the deleteExpired and clearTempDataCPCron functions. This allows unauthenticated...

WordPress plugin Download Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2025-38289

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

CVE-2025-60244

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in RealMag777 TableOn posts-table-filterable allows Code Injection.This issue affects TableOn: from n/a through = 1.0.5.1...

CVE-2025-63687

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

CVE-2025-12856

creationtimestamp| type| source ---|---|--- 2025-11-07 15:15:33+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m52engqw7dv2 2025-11-07 15:57:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m52gysn63k2n...