๐จ CVE-2025-10992
A vulnerability was determined in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. Affected is an unknown function of the file /user/info/lookupList. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
A vulnerability was determined in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. Affected is an unknown function of the file /user/info/lookupList. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
๐จ CVE-2025-10993
A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.
๐@cveNotify
A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.
๐@cveNotify
Gitee
MuYuCMS/MuYuCMS: MuYuCMSๅบไบThinkphpๅผๅ็ไธๅฅ่ฝป้็บงๅผๆบๅ
ๅฎน็ฎก็็ณป็ป,ไธๆณจไธบๅ
ฌๅธไผไธใไธชไบบ็ซ้ฟๆไพๅฟซ้ๅปบ็ซๆไพ่งฃๅณๆนๆกใ
๐จ CVE-2025-10994
A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited.
๐@cveNotify
GitHub
Bug Report: Heap Use-After-Free in GAMESSOutputFormat::ReadMolecule (token parsing โ atoi) ยท Issue #2834 ยท openbabel/openbabel
Environment OS: Ubuntu 22.04 Compiler: clang 13.0.1 Sanitizers: AddressSanitizer (ASan) + UndefinedBehaviorSanitizer (UBSan) Build Instructions export CC=clang-13 export CXX=clang++-13 export CXXFL...
๐จ CVE-2025-10995
A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlib_stream::basic_unzip_streambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used.
๐@cveNotify
A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlib_stream::basic_unzip_streambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used.
๐@cveNotify
GitHub
Bug Report: Overlapping memcpy in zlib_stream::basic_unzip_streambuf::underflow ยท Issue #2832 ยท openbabel/openbabel
Environment OS: Ubuntu 22.04 Compiler: clang 13.0.1 Sanitizers: AddressSanitizer (ASan) + UndefinedBehaviorSanitizer (UBSan) Build Instructions export CC=clang-13 export CXX=clang++-13 export CXXFL...
๐ฅ1
๐จ CVE-2025-10173
The ShopEngine Elementor WooCommerce Builder Addon โ All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized access due to an incorrect capability check on the post_save() function in all versions up to, and including, 4.8.3. This makes it possible for authenticated attackers, with Editor-level access and above, to update the plugin's settings.
๐@cveNotify
The ShopEngine Elementor WooCommerce Builder Addon โ All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized access due to an incorrect capability check on the post_save() function in all versions up to, and including, 4.8.3. This makes it possible for authenticated attackers, with Editor-level access and above, to update the plugin's settings.
๐@cveNotify
๐จ CVE-2025-10377
The System Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.20. This is due to missing nonce validation on the sd_toggle_logs() function. This makes it possible for unauthenticated attackers to toggle critical logging settings including Page Access Logs, Error Logs, and Email Delivery Logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
๐@cveNotify
The System Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.20. This is due to missing nonce validation on the sd_toggle_logs() function. This makes it possible for unauthenticated attackers to toggle critical logging settings including Page Access Logs, Error Logs, and Email Delivery Logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
๐@cveNotify
๐จ CVE-2025-10745
The Banhammer โ Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide โsecret keyโ being deterministically generated from a constant character set using md5() and base64_encode() and then stored in the `banhammer_secret_key` option. This makes it possible for unauthenticated attackers to bypass the pluginโs logging and blocking by appending a GET parameter named `banhammer-process_{SECRET}` where `{SECRET}` is the predictable value, thereby causing Banhammer to abort its protections for that request.
๐@cveNotify
The Banhammer โ Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress is vulnerable to Blocking Bypass in all versions up to, and including, 3.4.8. This is due to a site-wide โsecret keyโ being deterministically generated from a constant character set using md5() and base64_encode() and then stored in the `banhammer_secret_key` option. This makes it possible for unauthenticated attackers to bypass the pluginโs logging and blocking by appending a GET parameter named `banhammer-process_{SECRET}` where `{SECRET}` is the predictable value, thereby causing Banhammer to abort its protections for that request.
๐@cveNotify
๐จ CVE-2025-11000
A vulnerability was determined in Open Babel up to 3.1.1. This affects the function PQSFormat::ReadMolecule of the file /src/formats/PQSformat.cpp. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
A vulnerability was determined in Open Babel up to 3.1.1. This affects the function PQSFormat::ReadMolecule of the file /src/formats/PQSformat.cpp. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
GitHub
Bug Report: Null Pointer Dereference in PQSFormat::ReadMolecule via lowerit ยท Issue #2826 ยท openbabel/openbabel
Environment OS: Ubuntu 22.04 Compiler: clang 13.0.1 Sanitizers: AddressSanitizer (ASan) + UndefinedBehaviorSanitizer (UBSan) Build Instructions export CC=clang-13 export CXX=clang++-13 export CXXFL...
๐จ CVE-2025-9044
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
๐จ CVE-2025-60017
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart.sh wifi_ssid or wifi_pass parameter (within restart_wifi_ap and restart_wifi_sta).
๐@cveNotify
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapd_restart.sh wifi_ssid or wifi_pass parameter (within restart_wifi_ap and restart_wifi_sta).
๐@cveNotify
GitHub
GitHub - Bin4ry/UniPwn
Contribute to Bin4ry/UniPwn development by creating an account on GitHub.
๐จ CVE-2025-60250
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV.
๐@cveNotify
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the df98b715d5c6ed2b25817b6f2554124a key and the 2841ae97419c2973296a0d4bdfe19a4f IV.
๐@cveNotify
GitHub
GitHub - Bin4ry/UniPwn
Contribute to Bin4ry/UniPwn development by creating an account on GitHub.
๐จ CVE-2025-60251
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring.
๐@cveNotify
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring.
๐@cveNotify
GitHub
GitHub - Bin4ry/UniPwn
Contribute to Bin4ry/UniPwn development by creating an account on GitHub.
๐จ CVE-2025-10036
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to SQL Injection via the get_all_urls() function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
๐@cveNotify
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to SQL Injection via the get_all_urls() function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
๐@cveNotify
๐จ CVE-2025-10037
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to SQL Injection via the get_posts_with_internal_featured_image() function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
๐@cveNotify
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to SQL Injection via the get_posts_with_internal_featured_image() function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
๐@cveNotify
๐จ CVE-2025-9984
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifu_api_debug_posts() function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protected posts.
๐@cveNotify
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the fifu_api_debug_posts() function in all versions up to, and including, 5.2.7. This makes it possible for unauthenticated attackers to read private/password protected posts.
๐@cveNotify
๐จ CVE-2025-59814
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database.
๐@cveNotify
This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and ICX510 Gateway Billing Admin endpoint, enabling them to read the entire contents of the Billing Admin database.
๐@cveNotify
๐จ CVE-2025-59815
This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the deviceโs availability, confidentiality, and integrity.
๐@cveNotify
This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the deviceโs availability, confidentiality, and integrity.
๐@cveNotify
๐จ CVE-2025-59816
This vulnerability allows attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords are stored in plaintext, significantly increasing the severity of this issue.
๐@cveNotify
This vulnerability allows attackers to directly query the underlying database, potentially retrieving all data stored in the Billing Admin database, including user credentials. User passwords are stored in plaintext, significantly increasing the severity of this issue.
๐@cveNotify
๐จ CVE-2025-59817
This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity.
๐@cveNotify
This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity.
๐@cveNotify
๐จ CVE-2025-10747
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download-add.php file in all versions up to, and including, 1.68.11. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
๐@cveNotify
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download-add.php file in all versions up to, and including, 1.68.11. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
๐@cveNotify
๐จ CVE-2025-9490
The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โtitleโ parameter in all versions up to, and including, 1.20.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โtitleโ parameter in all versions up to, and including, 1.20.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify