CVE-2025-9085 – User Registration & Membership <= 4.3.0 – Authenticated (Admin+) SQL Injection
CVE ID : CVE-2025-9085 Published : Sept. 6, 2025, 2:24 a.m. | 15 minutes ago Description : The User Registration & Membership plugin for WordPress is vulnerable to SQL Injection via the ‘s’ parameter in version 4.3.0. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing […]
CVE-2025-9515 – Multi Step Form <= 1.7.25 – Authenticated (Admin+) Arbitrary File Upload
CVE ID : CVE-2025-9515 Published : Sept. 6, 2025, 2:24 a.m. | 15 minutes ago Description : The Multi Step Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the import functionality in all versions up to, and including, 1.7.25. This makes it possible for authenticated attackers, with […]
CVE-2025-8360 – LA-Studio Element Kit for Elementor <= 1.5.5.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
CVE ID : CVE-2025-8360 Published : Sept. 6, 2025, 2:24 a.m. | 15 minutes ago Description : The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin’s widgets in all versions up to, and including, 1.5.5.1 due to insufficient input sanitization and output escaping on user […]
CVE-2025-9849 – Html Social share buttons <= 2.1.16 – Authenticated (Contributor+) Stored Cross-Site Scripting
CVE ID : CVE-2025-9849 Published : Sept. 6, 2025, 2:15 a.m. | 24 minutes ago Description : The Html Social share buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘zm_sh_btn’ shortcode in all versions up to, and including, 2.1.16 due to insufficient input sanitization and output escaping on user supplied attributes. […]
CVE-2025-7368 – Rehub <= 19.9.7 – Unauthenticated Password Protected Post Disclosure
CVE ID : CVE-2025-7368 Published : Sept. 6, 2025, 2:15 a.m. | 24 minutes ago Description : The REHub – Price Comparison, Multi Vendor Marketplace WordPress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the ‘ajax_action_re_getfullcontent’ function due to insufficient restrictions on which posts can be […]
CVE-2025-7366 – Rehub <= 19.9.7 – Unauthenticated Arbitrary Shortcode Execution via re_filterpost
CVE ID : CVE-2025-7366 Published : Sept. 6, 2025, 2:15 a.m. | 24 minutes ago Description : The REHub – Price Comparison, Multi Vendor Marketplace WordPress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due to the software allowing users to execute an […]
CVE-2025-6067 – Easy Social Feed – Social Photos Gallery – Post Feed – Like Box <= 6.6.7 – Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
CVE ID : CVE-2025-6067 Published : Sept. 6, 2025, 2:15 a.m. | 24 minutes ago Description : The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption` and `data-linktext` parameters in all versions up to, and including, 6.6.7 due to […]
CVE-2025-58439 – ERP: Possibility of SQL injection due to missing validation
The following table lists the changes that have been made to the CVE-2025-58439 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Sep. 06, 2025 Action […]
CVE-2025-58375 – Apache Struts Remote Code Execution Vulnerability
The following table lists the changes that have been made to the CVE-2025-58375 vulnerability over time. CVE Rejected by [email protected] Sep. 06, 2025 Action Type […]
Two New High-Severity Flaws in FreePBX Puts Admins and APIs at Risk
The FreePBX project has issued an important security advisory addressing two vulnerabilities that pose significant risks to administrators and API-integrated systems. The flaws—CVE-2025-55209 (CVSS 7. … Published Date: Sep 06, 2025 (8 hours, 26 minutes ago)