CVE-2025-12005

The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 8.5.41. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it...

EUVD-2025-35909

The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 8.5.41. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it...

CVE-2025-12005 WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress <= 8.5.41 - Improper Authorization to Authenticated (Contributor+) Plugin Settings Update

The WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress plugin for WordPress is vulnerable to unauthorized access of data in all versions up to, and including, 8.5.41. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it...

Apache Tomcat 8.5.0 < 8.5.41 Denial of Service

The version of Apache Tomcat installed on the remote host is 9.0.0.M1 to 9.0.19 or 8.5.0 to 8.5.40. It is, therefore, affected by a denial of service vulnerability due to an incomplete fix for CVE-2019-0199 which did not address HTTP/2 connection window exhaustion on write. Note that the scanner...

Apache Tomcat 8.5.0 < 8.5.41 DoS

The version of Tomcat installed on the remote host is prior to 8.5.41. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.41security-8 advisory. - The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write. By n...

Apache Tomcat 8.5.x < 8.5.41 DoS Vulnerability

Binary data 700697.pasl...