Overview
CVE-2025-13006 is a medium-severity vulnerability affecting the SurveyFunnel – Survey Plugin for WordPress. This vulnerability allows unauthenticated attackers to extract sensitive data from survey responses. It is due to several unprotected REST API endpoints in versions up to and including 1.1.5.
Technical Details
The vulnerability resides in the /wp-json/surveyfunnel/v2/ REST API endpoints of the SurveyFunnel plugin. Specifically, certain endpoints designed to provide survey data were not adequately protected with authentication mechanisms. This lack of authentication permits any unauthenticated user to query these endpoints and retrieve sensitive information submitted through surveys. The flawed code can be found in the class-surveyfunnel-lite-rest-api.php…
Overview
CVE-2025-12417 identifies a stored Cross-Site Scripting (XSS) vulnerability in the SurveyFunnel – Survey Plugin for WordPress, affecting all versions up to and including 1.1.5. This flaw allows authenticated attackers with contributor-level access or higher to inject malicious JavaScript code into website pages via the plugin’s ‘surveyfunnel_lite_survey’ shortcode. The code then executes whenever a user visits the compromised page, potentially leading to account compromise, data theft, or other malicious activities.
Technical Details
The vulnerability stems from insufficient input sanitization and output escaping of user-supplied attributes within the ‘surveyfunnel_lite_survey’ shortcode. The plugin fails to properly validate and sanitize the…
Overview
CVE-2025-66542 is a unique case in the world of Common Vulnerabilities and Exposures (CVEs). Unlike typical CVEs that identify specific security flaws in software or hardware, CVE-2025-66542 is explicitly marked as “Rejected reason: Not used”. This means that the CVE ID was initially assigned but was subsequently determined to be invalid, irrelevant, or otherwise not applicable to a real-world vulnerability. This article explains the implications of a “Not used” CVE and why it does not warrant any immediate action.
Technical Details
According to the official CVE entry, CVE-2025-66542 was published on 2025-12-05T04:16:00.993 and its description states “Rejected…
Overview
This article provides a comprehensive overview of CVE-2025-27389, a security vulnerability identified in ColorOS, the operating system developed by OPPO. The flaw relates to the verification of application installation sources. Under certain conditions, the risk detection mechanism designed to prevent the installation of malicious applications can be bypassed, potentially exposing users to security threats.
Technical Details
CVE-2025-27389 arises from an insufficient validation process during application installation in ColorOS. The vulnerability allows malicious applications to bypass the intended risk detection mechanisms. The specifics of the bypass technique are not publicly detailed but center around manipulating the apparent source or integrity…
Overview
A critical vulnerability, identified as CVE-2025-13066, has been discovered in the Demo Importer Plus plugin for WordPress. It affects all versions up to and including 2.0.6 and allows authenticated attackers with author-level access or higher to upload arbitrary files to the affected WordPress site’s server, which can lead to remote code execution and complete compromise of the website.
Technical Details
The vulnerability stems from insufficient file type validation when handling WXR files. The plugin fails to properly sanitize file names and extensions during the import process. Specifically, it does not adequately detect or prevent the upload of files…
Overview
A Stored Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-12804, has been discovered in the Booking Calendar plugin for WordPress. It affects all versions up to and including 10.14.6 and allows authenticated attackers with contributor-level access or higher to inject malicious JavaScript code into WordPress pages using the ‘bookingcalendar’ shortcode. The injected code can then execute whenever a user visits the affected page, potentially leading to account compromise or other malicious activities.
Technical Details
The vulnerability stems from insufficient input sanitization and output escaping of user-supplied attributes within the ‘bookingcalendar’ shortcode. Specifically, attackers can inject malicious JavaScript code within…
Overview
CVE-2025-11759 identifies a Cross-Site Request Forgery (CSRF) vulnerability affecting the “Backup, Restore and Migrate your sites with XCloner” plugin for WordPress, in versions up to and including 4.8.2. By exploiting this flaw, unauthenticated attackers can potentially modify FTP backup configurations and exfiltrate sensitive website data. This is achieved by tricking a site administrator into performing an unintended action, such as clicking a malicious link.
Technical Details
The vulnerability stems from missing or insufficient nonce validation within the Xcloner_Remote_Storage:save() function. Nonces are cryptographic tokens designed to prevent CSRF attacks. The absence of proper nonce validation allows an…
Overview
A medium severity vulnerability, identified as CVE-2025-62223, has been discovered in Microsoft Edge for iOS. It allows an unauthorized attacker to perform spoofing over a network due to user interface (UI) misrepresentation of critical information. This article provides a detailed analysis of the vulnerability, its potential impact, and the necessary mitigation steps.
Technical Details
CVE-2025-62223 stems from how Microsoft Edge for iOS displays information within its user interface. The vulnerability involves the misrepresentation of critical information, which an attacker can exploit to present misleading data to the user. This misrepresentation can trick the user into believing they…
Overview
CVE-2025-14052 details a medium severity access control vulnerability found in youlaitech youlai-mall versions 1.0.0 and 2.0.0. The vulnerability resides within the getMemberById function of the /mall-ums/app-api/v1/members/ endpoint. Successful exploitation allows remote attackers to bypass intended access controls, potentially gaining unauthorized access to sensitive member information or performing actions on behalf of other users.
Technical Details
The vulnerability lies in the insufficient validation or sanitization of the memberId argument passed to the getMemberById function. By manipulating this parameter, an attacker can potentially retrieve information or execute actions related to other user accounts without proper authorization. The vulnerability…
Overview
A high-severity vulnerability, identified as CVE-2025-66564, has been discovered in the Sigstore Timestamp Authority. It can lead to a Denial of Service (DoS) attack. The issue stems from improper handling of untrusted data within the `api.ParseJSONRequest` and `api.getContentType` functions. Versions prior to 2.0.3 are affected; upgrading to version 2.0.3 is highly recommended to mitigate this risk.
Technical Details
The vulnerability resides in the `api.ParseJSONRequest` and `api.getContentType` functions within the Sigstore Timestamp Authority. Specifically: `api.ParseJSONRequest`: This function splits an optionally-provided OID (Object Identifier) on periods using `strings.Split`. The OID is received as part of the request payload…