{
"Source": "CVE FEED",
"Title": "CVE-2025-5372 - OpenSSL SSH Key Derivation Buffer Initialization Vulnerability",
"Content": "CVE ID : CVE-2025-5372
Published : July 4, 2025, 6:15 a.m. | 1 hour, 59 minutes ago
Description : A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for successโthe function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-5372 - OpenSSL SSH Key Derivation Buffer Initialization Vulnerability",
"Content": "CVE ID : CVE-2025-5372
Published : July 4, 2025, 6:15 a.m. | 1 hour, 59 minutes ago
Description : A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for successโthe function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
โค1
{
"Source": "CVE FEED",
"Title": "CVE-2025-5351 - LibSSH Double Free Vulnerability",
"Content": "CVE ID : CVE-2025-5351
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-5351 - LibSSH Double Free Vulnerability",
"Content": "CVE ID : CVE-2025-5351
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53568 - Tony Zeoli Radio Station CSRF Vulnerability",
"Content": "CVE ID : CVE-2025-53568
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station allows Cross Site Request Forgery. This issue affects Radio Station: from n/a through 2.5.12.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53568 - Tony Zeoli Radio Station CSRF Vulnerability",
"Content": "CVE ID : CVE-2025-53568
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station allows Cross Site Request Forgery. This issue affects Radio Station: from n/a through 2.5.12.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53569 - Trust Payments Gateway for WooCommerce CSRF Vulnerability",
"Content": "CVE ID : CVE-2025-53569
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trust Payments Gateway for WooCommerce (JavaScript Library) allows Cross Site Request Forgery. This issue affects Trust Payments Gateway for WooCommerce (JavaScript Library): from n/a through 1.3.6.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53569 - Trust Payments Gateway for WooCommerce CSRF Vulnerability",
"Content": "CVE ID : CVE-2025-53569
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trust Payments Gateway for WooCommerce (JavaScript Library) allows Cross Site Request Forgery. This issue affects Trust Payments Gateway for WooCommerce (JavaScript Library): from n/a through 1.3.6.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-30983 - Gopiplus Card Flip Image Slideshow Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-30983
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow allows DOM-Based XSS. This issue affects Card flip image slideshow: from n/a through 1.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-30983 - Gopiplus Card Flip Image Slideshow Cross-Site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-30983
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Card flip image slideshow allows DOM-Based XSS. This issue affects Card flip image slideshow: from n/a through 1.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-53566 - Osama.esh WP Visitor Statistics Cross-site Scripting",
"Content": "CVE ID : CVE-2025-53566
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Stored XSS. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-53566 - Osama.esh WP Visitor Statistics Cross-site Scripting",
"Content": "CVE ID : CVE-2025-53566
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) allows Stored XSS. This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 7.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-30947 - Gopiplus Cool Fade Popup SQL Injection",
"Content": "CVE ID : CVE-2025-30947
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Cool fade popup allows Blind SQL Injection. This issue affects Cool fade popup: from n/a through 10.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-30947 - Gopiplus Cool Fade Popup SQL Injection",
"Content": "CVE ID : CVE-2025-30947
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Cool fade popup allows Blind SQL Injection. This issue affects Cool fade popup: from n/a through 10.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-30969 - Gopiplus iFrame Images Gallery SQL Injection",
"Content": "CVE ID : CVE-2025-30969
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus iFrame Images Gallery allows SQL Injection. This issue affects iFrame Images Gallery: from n/a through 9.0.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-30969 - Gopiplus iFrame Images Gallery SQL Injection",
"Content": "CVE ID : CVE-2025-30969
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus iFrame Images Gallery allows SQL Injection. This issue affects iFrame Images Gallery: from n/a through 9.0.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-30979 - Gopiplus Pixelating image slideshow gallery SQL Injection",
"Content": "CVE ID : CVE-2025-30979
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery allows SQL Injection. This issue affects Pixelating image slideshow gallery: from n/a through 8.0.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-30979 - Gopiplus Pixelating image slideshow gallery SQL Injection",
"Content": "CVE ID : CVE-2025-30979
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Pixelating image slideshow gallery allows SQL Injection. This issue affects Pixelating image slideshow gallery: from n/a through 8.0.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-30929 - Amazon Web Services (AWS) fluXtore Authorization Bypass",
"Content": "CVE ID : CVE-2025-30929
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in amazewp fluXtore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects fluXtore: from n/a through 1.6.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-30929 - Amazon Web Services (AWS) fluXtore Authorization Bypass",
"Content": "CVE ID : CVE-2025-30929
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in amazewp fluXtore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects fluXtore: from n/a through 1.6.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-30943 - Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-30943
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aakif Kadiwala Posts Slider Shortcode allows DOM-Based XSS. This issue affects Posts Slider Shortcode: from n/a through 1.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-30943 - Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)",
"Content": "CVE ID : CVE-2025-30943
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aakif Kadiwala Posts Slider Shortcode allows DOM-Based XSS. This issue affects Posts Slider Shortcode: from n/a through 1.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-29007 - LMSACE Connect Missing Authorization Vulnerability",
"Content": "CVE ID : CVE-2025-29007
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in LMSACE LMSACE Connect allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LMSACE Connect: from n/a through 3.4.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-29007 - LMSACE Connect Missing Authorization Vulnerability",
"Content": "CVE ID : CVE-2025-29007
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in LMSACE LMSACE Connect allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LMSACE Connect: from n/a through 3.4.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-29012 - Kamleshyadav CF7 Mailchimp Add-on Authorization Bypass",
"Content": "CVE ID : CVE-2025-29012
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.2.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-29012 - Kamleshyadav CF7 Mailchimp Add-on Authorization Bypass",
"Content": "CVE ID : CVE-2025-29012
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Add-on allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CF7 7 Mailchimp Add-on: from n/a through 2.2.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-29001 - ZoomIt WooCommerce Shop Page Builder Missing Authorization Vulnerability",
"Content": "CVE ID : CVE-2025-29001
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-29001 - ZoomIt WooCommerce Shop Page Builder Missing Authorization Vulnerability",
"Content": "CVE ID : CVE-2025-29001
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-28969 - Cybio Gallery Widget SQL Injection",
"Content": "CVE ID : CVE-2025-28969
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cybio Gallery Widget allows SQL Injection. This issue affects Gallery Widget: from n/a through 1.2.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-28969 - Cybio Gallery Widget SQL Injection",
"Content": "CVE ID : CVE-2025-28969
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cybio Gallery Widget allows SQL Injection. This issue affects Gallery Widget: from n/a through 1.2.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-28971 - CWD Web Designer Easy Elements Hider Cross-site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-28971
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CWD Web Designer Easy Elements Hider allows Stored XSS. This issue affects Easy Elements Hider: from n/a through 2.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-28971 - CWD Web Designer Easy Elements Hider Cross-site Scripting Vulnerability",
"Content": "CVE ID : CVE-2025-28971
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CWD Web Designer Easy Elements Hider allows Stored XSS. This issue affects Easy Elements Hider: from n/a through 2.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-28957 - OwnerRez Cross-Site Scripting",
"Content": "CVE ID : CVE-2025-28957
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OwnerRez OwnerRez allows Stored XSS. This issue affects OwnerRez: from n/a through 1.2.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-28957 - OwnerRez Cross-Site Scripting",
"Content": "CVE ID : CVE-2025-28957
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OwnerRez OwnerRez allows Stored XSS. This issue affects OwnerRez: from n/a through 1.2.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-28963 - "URL Shortener Server-Side Request Forgery"",
"Content": "CVE ID : CVE-2025-28963
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener allows Server Side Request Forgery. This issue affects URL Shortener: from n/a through 3.0.7.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-28963 - "URL Shortener Server-Side Request Forgery"",
"Content": "CVE ID : CVE-2025-28963
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haider URL Shortener allows Server Side Request Forgery. This issue affects URL Shortener: from n/a through 3.0.7.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-28967 - Steve Truman Contact People LITE SQL Injection",
"Content": "CVE ID : CVE-2025-28967
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Truman Contact Us page - Contact people LITE allows SQL Injection. This issue affects Contact Us page - Contact people LITE: from n/a through 3.7.4.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-28967 - Steve Truman Contact People LITE SQL Injection",
"Content": "CVE ID : CVE-2025-28967
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Truman Contact Us page - Contact people LITE allows SQL Injection. This issue affects Contact Us page - Contact people LITE: from n/a through 3.7.4.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-27358 - mndpsingh287 Frontend File Manager Basic XSS Vulnerability",
"Content": "CVE ID : CVE-2025-27358
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-27358 - mndpsingh287 Frontend File Manager Basic XSS Vulnerability",
"Content": "CVE ID : CVE-2025-27358
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-28951 - CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-28951
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-28951 - CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability",
"Content": "CVE ID : CVE-2025-28951
Published : July 4, 2025, 9:15 a.m. | 1 hour ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "04 Jul 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น