Overview CVE-2025-12124 details a Stored Cross-Site Scripting (XSS) vulnerability in the FitVids for WordPress plugin, affecting versions up to and including 4.0.1. An attacker with administrator-level permissions can inject malicious JavaScript into the plugin’s settings; the script then executes whenever a user loads a page where the injected settings are output. Because administrators on a single-site installation normally hold the unfiltered_html capability and can already place arbitrary script in content, this flaw matters chiefly on multi-site installations (where only super-admins hold that capability) and on sites where unfiltered_html has been explicitly disabled (for example via the DISALLOW_UNFILTERED_HTML constant). Technical Details The vulnerability stems from insufficient input sanitization and output escaping within the FitVids plugin’s admin settings panel. Specifically, user-supplied data submitted through the plugin’s configuration options…
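The two halves of this bug class, a setting stored without sanitization and then echoed without escaping, are easiest to see side by side. The following is an added example, not FitVids code: the option name, field name and script handle are hypothetical, and the "selector" setting stands in for any admin-entered value that ends up in page HTML or inline JavaScript.

```php
<?php
// Added example (not FitVids code). Option, field and script-handle names are hypothetical.
// Scenario: a plugin setting entered by an admin (here a CSS selector) that is later
// emitted into an attribute on the settings page and into inline JavaScript on the front end.

// Vulnerable pattern: the raw POST value is stored and the raw option value is echoed.
function myplugin_save_selector_vulnerable() {
    update_option( 'myplugin_selector', $_POST['selector'] ); // no sanitization at all
}
function myplugin_render_selector_vulnerable() {
    $selector = get_option( 'myplugin_selector', '' );
    echo '<input name="selector" value="' . $selector . '">';              // "> breaks out of the attribute
    echo '<script>document.querySelectorAll("' . $selector . '")</script>'; // "); injects into the script
}

// Hardened pattern: register the option with a sanitize callback so every write that goes
// through the Settings API is filtered, then escape for the exact context the value lands in.
add_action( 'admin_init', function () {
    register_setting( 'myplugin_options', 'myplugin_selector', array(
        'type'              => 'string',
        'sanitize_callback' => 'myplugin_sanitize_selector',
        'default'           => '',
    ) );
} );

function myplugin_sanitize_selector( $value ) {
    $value = sanitize_text_field( (string) $value ); // strips tags, line breaks and %xx octets
    // Allow-list the characters a CSS selector legitimately needs; reject everything else
    // and keep the previously stored value so a bad submit cannot blank the setting.
    if ( ! preg_match( '/^[A-Za-z0-9 .#>\[\]=:_,\-]*$/', $value ) ) {
        add_settings_error( 'myplugin_selector', 'invalid', 'Selector contains disallowed characters.' );
        return get_option( 'myplugin_selector', '' );
    }
    return $value;
}

function myplugin_render_selector_hardened() {
    $selector = get_option( 'myplugin_selector', '' );
    // Attribute context: esc_attr() encodes quotes, angle brackets and ampersands.
    echo '<input name="selector" value="' . esc_attr( $selector ) . '">';
    // JavaScript context: wp_json_encode() produces a quoted JS string literal and escapes "/"
    // so a value containing </script> cannot terminate the script element.
    wp_add_inline_script( 'myplugin-front', 'window.mypluginSelector = ' . wp_json_encode( $selector ) . ';' );
}
```

The sanitize callback is the right place for the allow-list because WordPress applies it on every `update_option()` path the Settings API takes, including imports and REST writes, while `esc_attr()`/`wp_json_encode()` at output are what actually stop a stored payload from running. Sanitizing on input alone is not enough: a value that is harmless in an attribute can still break out of a script string, so each output site escapes for its own context.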
-
Overview A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Time Sheets plugin for WordPress, tracked as CVE-2025-10055. This vulnerability affects all versions of the plugin up to and including 2.1.3. Successful exploitation of this flaw allows unauthenticated attackers to perform actions on behalf of a site administrator, provided they can trick the administrator into clicking a malicious link or performing an unintended action. Technical Details The Time Sheets plugin, in versions 2.1.3 and earlier, lacks proper nonce validation on several endpoints. Nonces are security tokens designed to prevent CSRF attacks. The absence of or improper implementation of…
-
Overview CVE-2016-20023 describes a medium severity vulnerability affecting CKSource CKFinder before version 2.5.0.1 for ASP.NET. This vulnerability allows authenticated users to download arbitrary files from the server if they can provide the correct path to the target file. This poses a significant security risk as sensitive information stored on the server could be exposed. Technical Details The vulnerability stems from insufficient access control checks within CKFinder’s file download functionality. Authenticated users, even with limited privileges, could bypass intended restrictions by manipulating the file path parameter in a download request. This bypass allowed them to request and receive files outside of…
-
Overview CVE-2025-32901 is a security vulnerability affecting KDE Connect versions prior to 1.33.0 on the Android platform. This vulnerability arises from the application’s handling of malicious device IDs received via broadcast UDP packets. A specially crafted device ID could trigger a crash of the KDE Connect application on affected Android devices. Technical Details The vulnerability stems from insufficient validation of the device ID received through broadcast UDP messages. KDE Connect uses UDP broadcasts to discover other devices on the network running the application. The affected versions of KDE Connect are susceptible to a malformed device ID leading to an unhandled…
-
Overview CVE-2025-32899 describes a medium severity vulnerability affecting KDE Connect versions prior to 1.33.0 on Android. This flaw allows an attacker to craft a malicious network packet that, when received by a paired KDE Connect device, forces the device to unpair from its connected partner. This vulnerability is triggered by a specially crafted discovery packet sent over broadcast UDP. Technical Details The vulnerability resides in the KDE Connect’s discovery mechanism, which relies on UDP broadcast packets to identify and establish connections between devices. The crafted packet exploits a weakness in the parsing or validation of incoming discovery packets. Specifically, the…
-
Overview CVE-2025-32898 is a medium severity vulnerability affecting KDE Connect and related applications. This vulnerability stems from the use of an insufficiently robust verification-code protocol, making the application susceptible to brute-force attacks. This issue has been addressed in updated versions of KDE Connect. Technical Details The KDE Connect verification-code protocol, specifically in versions prior to the fixes released on 2025-04-18, uses verification codes of only 8 characters. A code that short carries too little entropy to resist an attacker who simply tries every candidate code, so the full space can be exhausted within a reasonable timeframe. Successfully brute-forcing the code allows an attacker to establish…
-
Overview CVE-2025-13494 identifies a sensitive information exposure vulnerability in the SSP Debug plugin for WordPress. This vulnerability affects all versions of the plugin up to and including 1.0.0. The core issue lies in the plugin’s storage of PHP error logs in a publicly accessible location without proper access controls, potentially revealing sensitive information to unauthorized users. Technical Details The SSP Debug plugin, designed to assist with debugging WordPress sites, inadvertently saves PHP error logs to a predictable and web-accessible directory: wp-content/uploads/ssp-debug/ssp-debug.log. Due to the absence of access restrictions on this directory, any unauthenticated attacker can directly access the log file…
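A debugging plugin that writes PHP errors under wp-content/uploads is relying on nobody guessing the path, and an uploads path is served as a static file by every common web-server configuration. The following is an added example, not SSP Debug code: the directory names, option name and the assumption that a directory one level above ABSPATH is writable are all hypothetical, and it shows the weak configuration beside a corrected one.

```php
<?php
// Added example (not SSP Debug code). Directory and option names are hypothetical.

// Vulnerable: PHP errors are logged to a predictable file under wp-content/uploads. The web
// server serves that path as a static file to anyone who knows or guesses the URL, so stack
// traces, absolute paths, SQL fragments and sometimes credentials become world-readable.
function myplugin_enable_logging_vulnerable() {
    $dir = wp_upload_dir()['basedir'] . '/myplugin-debug';
    wp_mkdir_p( $dir );
    ini_set( 'log_errors', '1' );
    ini_set( 'error_log', $dir . '/myplugin-debug.log' );
}

// Hardened: prefer a directory outside the document root. If the host only allows writes under
// wp-content, fall back to an unguessable directory name, block direct requests where the
// server honours .htaccess, and restrict the file mode. The path is never shown to visitors.
function myplugin_enable_logging_hardened() {
    $outside = dirname( ABSPATH ) . '/myplugin-logs'; // assumption: one level above the web root is writable
    if ( wp_mkdir_p( $outside ) && wp_is_writable( $outside ) ) {
        $dir = $outside;
    } else {
        $token = get_option( 'myplugin_log_token' );
        if ( ! $token ) {
            $token = wp_generate_password( 32, false ); // 32 random alphanumerics, generated once
            update_option( 'myplugin_log_token', $token, false ); // not autoloaded on every request
        }
        $dir = wp_upload_dir()['basedir'] . '/myplugin-' . $token;
        wp_mkdir_p( $dir );
        // Apache only. nginx ignores .htaccess and needs a server-side rule such as
        // location ~ /wp-content/uploads/myplugin-.*\.log$ { deny all; }
        if ( ! file_exists( $dir . '/.htaccess' ) ) {
            file_put_contents(
                $dir . '/.htaccess',
                "<IfModule mod_authz_core.c>\nRequire all denied\n</IfModule>\n" .
                "<IfModule !mod_authz_core.c>\nDeny from all\n</IfModule>\n"
            );
        }
        if ( ! file_exists( $dir . '/index.html' ) ) {
            file_put_contents( $dir . '/index.html', '' ); // defeats directory listing
        }
    }
    $file = $dir . '/debug.log';
    if ( ! file_exists( $file ) ) {
        touch( $file );
    }
    chmod( $file, 0600 ); // readable by the PHP user only
    ini_set( 'log_errors', '1' );
    ini_set( 'error_log', $file );
}
```

To check an existing site for the exposed variant, request the log path anonymously and look at the status line, for example `curl -sI https://example.com/wp-content/uploads/ssp-debug/ssp-debug.log` (hostname assumed): a 200 with a text content type means the file is readable by anyone. A debugging plugin should also only enable logging while WP_DEBUG is on and should truncate or delete the file when it is deactivated.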
-
Overview CVE-2025-13362 describes a Cross-Site Request Forgery (CSRF) vulnerability found in the Norby AI WordPress plugin. This vulnerability affects all versions up to and including 1.0.3. The lack of sufficient nonce validation on the settings update functionality allows unauthenticated attackers to potentially modify the plugin’s settings and inject malicious web scripts. This attack requires tricking a logged-in WordPress administrator into performing an action, such as clicking a specially crafted link. Technical Details The Norby AI plugin’s save.php file, responsible for handling settings updates, does not properly validate the presence of a nonce. A nonce (number used once) is a security…
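Both the Time Sheets entry (CVE-2025-10055) above and this Norby AI entry come down to the same missing check: a state-changing handler that verifies who the user is but not that the user intended the request. The following is an added example that is neither plugin's code; the hook, option and field names are hypothetical. It shows a settings handler that is CSRF-able beside the same handler with a nonce, together with the form that emits the nonce.

```php
<?php
// Added example (not Time Sheets or Norby AI code). Hook, option and field names are hypothetical.

// Vulnerable handler: authorization only. A page on another origin can auto-submit a form to
// admin-post.php with name="action" value="myplugin_save_banner"; the browser attaches the
// admin's session cookies, current_user_can() passes, and the attacker's value is stored.
// Shown for comparison only; it is not registered on a hook below.
function myplugin_save_banner_vulnerable() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', 403 );
    }
    update_option( 'myplugin_banner', wp_unslash( $_POST['banner'] ?? '' ) ); // stored raw, no nonce
    wp_safe_redirect( admin_url( 'options-general.php?page=myplugin' ) );
    exit;
}

// Hardened form: wp_nonce_field() emits a hidden field whose value is derived from the action
// name, the logged-in user's session token and the current time window.
function myplugin_banner_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="myplugin_save_banner">
        <?php wp_nonce_field( 'myplugin_save_banner', 'myplugin_nonce' ); ?>
        <textarea name="banner"><?php echo esc_textarea( get_option( 'myplugin_banner', '' ) ); ?></textarea>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

// Hardened handler: the nonce must be present and valid before anything is written. A cross-site
// form cannot supply it, because the attacker cannot read the admin's page and the nonce is not
// a cookie that the browser would attach automatically.
add_action( 'admin_post_myplugin_save_banner', 'myplugin_save_banner_hardened' );
function myplugin_save_banner_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', 403 );
    }
    // Dies with a 403 "link has expired" page when the field is missing, forged or stale.
    check_admin_referer( 'myplugin_save_banner', 'myplugin_nonce' );

    // Sanitize as well: wp_kses_post() keeps post-safe HTML and drops script and event handlers,
    // so even an admin who lacks unfiltered_html cannot store active content here.
    $banner = wp_kses_post( wp_unslash( $_POST['banner'] ?? '' ) );
    update_option( 'myplugin_banner', $banner );

    wp_safe_redirect( add_query_arg( 'updated', '1', admin_url( 'options-general.php?page=myplugin' ) ) );
    exit;
}
```

The order inside the hardened handler is deliberate: capability first, nonce second, then sanitization, then the write. Nonces are not a substitute for the capability check (a low-privilege user can obtain a valid nonce for their own session), and the capability check is not a substitute for the nonce, which is exactly the gap both advisories describe. For AJAX endpoints the equivalent call is check_ajax_referer().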
-
Overview A critical vulnerability, identified as CVE-2025-13313, has been discovered in the CRM Memberships plugin for WordPress. This flaw allows unauthenticated attackers to reset arbitrary user passwords, potentially leading to complete account takeover and unauthorized access to sensitive data. This vulnerability affects all versions up to and including version 2.5 of the plugin. Website administrators using the CRM Memberships plugin are strongly advised to take immediate action to mitigate this risk. Technical Details The vulnerability stems from missing authentication and authorization checks on the ntzcrm_changepassword AJAX action. An attacker can exploit this by sending a specially crafted request to the…
-
Overview A significant security vulnerability, identified as CVE-2025-13312, has been discovered in the CRM Memberships plugin for WordPress. This flaw allows unauthenticated attackers to create arbitrary membership tags and potentially modify CRM configuration. The vulnerability stems from a missing capability check in the ntzcrm_add_new_tag function. All versions of the plugin up to and including version 2.5 are affected. This poses a serious risk to websites using the plugin, as attackers can leverage this vulnerability to manipulate membership management and potentially gain unauthorized access or control. Technical Details The vulnerability resides in the ntzcrm_add_new_tag function within the CRM Memberships plugin. Specifically,…
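The two CRM Memberships entries (CVE-2025-13313 and CVE-2025-13312) are the same mistake at two privilege levels: one AJAX action reachable with no authentication at all, and one reachable by any logged-in user because the capability check is missing. The following is an added example, not CRM Memberships code; the action, option and parameter names are hypothetical. It shows an unauthenticated password-reset handler beside hardened versions of both a per-user and a site-wide action.

```php
<?php
// Added example (not CRM Memberships code). Action, option and parameter names are hypothetical.

// Vulnerable: exposed to logged-out visitors through wp_ajax_nopriv_ and performs a privileged
// write with neither a nonce nor a capability check. Shown for comparison only; the hook lines
// are left commented so it is never registered.
function myplugin_change_password_vulnerable() {
    $user_id = absint( $_POST['user_id'] ?? 0 );
    wp_set_password( (string) ( $_POST['password'] ?? '' ), $user_id ); // any visitor resets any account
    wp_send_json_success();
}
// add_action( 'wp_ajax_nopriv_myplugin_change_password', 'myplugin_change_password_vulnerable' );
// add_action( 'wp_ajax_myplugin_change_password',        'myplugin_change_password_vulnerable' );

// Hardened per-user action: only the logged-in wp_ajax_ hook is registered, the request must carry
// a nonce, and the caller needs a capability for this specific target user (object-level check).
add_action( 'wp_ajax_myplugin_change_password', 'myplugin_change_password_hardened' );
function myplugin_change_password_hardened() {
    check_ajax_referer( 'myplugin_change_password', 'nonce' ); // exits with 403 on a missing or bad nonce

    $user_id  = absint( $_POST['user_id'] ?? 0 );
    $password = (string) ( $_POST['password'] ?? '' );

    if ( ! $user_id || ! get_userdata( $user_id ) ) {
        wp_send_json_error( array( 'message' => 'Unknown user.' ), 400 );
    }
    // Own account, or an account the caller is allowed to edit. 'edit_user' is a meta capability
    // that WordPress resolves per target user, so a subscriber cannot reset an administrator.
    if ( get_current_user_id() !== $user_id && ! current_user_can( 'edit_user', $user_id ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
    }
    if ( strlen( $password ) < 12 ) {
        wp_send_json_error( array( 'message' => 'Password too short.' ), 400 );
    }
    wp_set_password( $password, $user_id );
    wp_send_json_success();
}

// Hardened site-wide action (the tag-creation case): a configuration write needs a site-level
// capability, not merely a logged-in session.
add_action( 'wp_ajax_myplugin_add_tag', 'myplugin_add_tag_hardened' );
function myplugin_add_tag_hardened() {
    check_ajax_referer( 'myplugin_add_tag', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
    }
    $tag  = sanitize_key( $_POST['tag'] ?? '' ); // lower-case alphanumerics, dashes and underscores only
    $tags = (array) get_option( 'myplugin_tags', array() );
    if ( '' === $tag || in_array( $tag, $tags, true ) ) {
        wp_send_json_error( array( 'message' => 'Invalid or duplicate tag.' ), 400 );
    }
    $tags[] = $tag;
    update_option( 'myplugin_tags', $tags );
    wp_send_json_success( array( 'tags' => $tags ) );
}

// Client side: nonces are minted on a page only a logged-in user can load and passed to the script,
// which sends them as the "nonce" field with each admin-ajax.php request.
add_action( 'admin_enqueue_scripts', function () {
    wp_enqueue_script( 'myplugin-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'myplugin-admin', 'myplugin', array(
        'ajaxUrl'       => admin_url( 'admin-ajax.php' ),
        'passwordNonce' => wp_create_nonce( 'myplugin_change_password' ),
        'tagNonce'      => wp_create_nonce( 'myplugin_add_tag' ),
    ) );
} );
```

Registering only the wp_ajax_ hook is what removes the unauthenticated path; the nonce stops cross-site requests from a logged-in victim; and the capability check is what distinguishes a subscriber from an administrator, which neither of the other two does. When auditing a plugin, grep for wp_ajax_nopriv_ registrations and for wp_ajax_ callbacks that reach update_option(), wp_set_password() or wp_update_user() without a current_user_can() call on the path.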