  • Cybersecurity Vulnerabilities

    Urgent: Critical Authorization Bypass Found in Post SMTP WordPress Plugin (CVE-2025-12887)

    Overview
    This article details a medium-severity authorization bypass vulnerability identified as CVE-2025-12887 affecting the Post SMTP plugin for WordPress, versions up to and including 3.6.1. This vulnerability allows authenticated attackers (subscriber level and above) to inject invalid or attacker-controlled OAuth credentials, potentially compromising email sending functionality and associated data.
    Technical Details
    The vulnerability resides in the handle_gmail_oauth_redirect function of the Post SMTP plugin. The core issue is that the plugin fails to adequately verify if the user accessing this function is authorized to update OAuth tokens. An attacker with an authenticated WordPress account (even with minimal privileges like a subscriber…

  • Cybersecurity Vulnerabilities

    CVE-2025-12358: Critical CSRF Vulnerability in ShopEngine WordPress Plugin – Update Now!

    Overview
    CVE-2025-12358 is a medium-severity Cross-Site Request Forgery (CSRF) vulnerability found in the ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress. This vulnerability affects all versions up to and including 4.8.5. It allows unauthenticated attackers to add or remove products from a user’s wishlist without their consent, potentially manipulating customer data and impacting the integrity of your online store.
    Technical Details
    The vulnerability stems from two key issues: Missing Nonce Validation in “post_add_to_list” function: The “post_add_to_list” function, responsible for adding or removing items from a wishlist, lacks proper nonce validation. Nonces are cryptographic tokens used to verify that a…

  • Cybersecurity Vulnerabilities

    CVE-2025-39665: Unveiling NagVis User Enumeration Vulnerability in Checkmk MultisiteAuth

    Overview
    CVE-2025-39665 describes a user enumeration vulnerability found in NagVis’ Checkmk MultisiteAuth. This vulnerability affects versions prior to 1.9.48. An unauthenticated attacker can exploit this flaw to enumerate valid Checkmk usernames. This information can then potentially be used in further attacks, such as brute-force attempts or social engineering.
    Technical Details
    The vulnerability resides within the authentication handling of the Checkmk MultisiteAuth component in NagVis. The specific mechanism allowing user enumeration is not fully detailed in the publicly available descriptions, but the vulnerability has been addressed in NagVis version 1.9.48. The fix likely involves changes to how the system handles invalid…

  • Cybersecurity Vulnerabilities

    Critical File Disclosure Vulnerability Found in WebKitGTK: CVE-2025-13947 Under Scrutiny

    Overview
    CVE-2025-13947 describes a high-severity vulnerability discovered in WebKitGTK, a widely used web browser engine. This flaw allows for the potential disclosure of sensitive files that the user has read access to. The vulnerability stems from inadequate validation of drag-and-drop operations, specifically failing to verify if a drag operation originated from outside the browser context. This can be exploited via a malicious website and user interaction.
    Technical Details
    The root cause of CVE-2025-13947 lies in WebKitGTK’s insufficient validation of the origin of drag-and-drop events. Normally, drag-and-drop functionality is intended to facilitate moving or copying data between different applications or within…

  • Cybersecurity Vulnerabilities

    ALZip Under Attack: CVE-2025-29864 Exposes Windows Users to SmartScreen Bypass

    Overview
    CVE-2025-29864 is a Protection Mechanism Failure vulnerability identified in ESTsoft ALZip, a popular file compression and archiving utility for Windows. This vulnerability allows attackers to bypass the Windows SmartScreen filter, potentially leading to the execution of malicious code disguised within seemingly harmless archives. This issue affects ALZip versions 12.01 up to, but not including, version 12.29.
    Technical Details
    The specifics of the vulnerability relate to how ALZip handles certain file operations or archive structures. A specially crafted archive, when processed by vulnerable versions of ALZip, can trigger a condition where Windows SmartScreen is not properly invoked or is bypassed entirely…

  • Cybersecurity Vulnerabilities

    CVE-2025-13472: Unveiling a BlazeMeter Jenkins Plugin Information Disclosure

    Overview
    CVE-2025-13472 identifies a missing authorization vulnerability in the BlazeMeter Jenkins Plugin. Specifically, version 4.27 addressed an issue where all users, regardless of their assigned permissions within Jenkins, could view sensitive resource information. This information includes credential IDs, BlazeMeter workspace details, and BlazeMeter project IDs via a dropdown menu in the Jenkins UI. Prior to the fix implemented in version 4.27, this information disclosure could potentially be exploited by unauthorized users to gain access to sensitive BlazeMeter resources, leading to unintended consequences.
    Technical Details
    The vulnerability stemmed from a lack of proper authorization checks when displaying resource options within the…

  • Cybersecurity Vulnerabilities

    CVE-2025-12744: ABRT Daemon Under Attack – Root Privilege Escalation Alert!

    Overview
    CVE-2025-12744 is a critical vulnerability discovered in the Automatic Bug Reporting Tool (ABRT) daemon. This flaw allows an unprivileged local user to escalate their privileges to root. By exploiting a weakness in how ABRT handles user-supplied mount information, an attacker can inject malicious commands into a shell command executed by the root-running ABRT process, effectively gaining full root access to the system.
    Technical Details
    The vulnerability stems from insufficient validation of user-controlled data used in the docker inspect %s command within the ABRT daemon. Specifically, ABRT copies up to 12 characters from an untrusted input source and places them…

  • Cybersecurity Vulnerabilities

    Wireshark Under Attack: Critical DoS Vulnerability in MEGACO Dissector (CVE-2025-13946)

    Overview
    A medium-severity denial-of-service (DoS) vulnerability has been identified in Wireshark, specifically within the MEGACO dissector. This vulnerability, tracked as CVE-2025-13946, affects Wireshark versions 4.6.0 to 4.6.1 and 4.4.0 to 4.4.11. An attacker could exploit this flaw by crafting malicious network traffic that triggers an infinite loop within the MEGACO dissector, leading to resource exhaustion and a denial-of-service condition.
    Technical Details
    The vulnerability resides in the MEGACO protocol dissector within Wireshark. Improper handling of specific MEGACO packets can cause the dissector to enter an infinite loop during packet analysis. This loop consumes excessive CPU resources, effectively rendering Wireshark…

  • Cybersecurity Vulnerabilities

    Wireshark Under Attack: HTTP3 Dissector Crash Leads to Denial of Service (CVE-2025-13945)

    Overview
    CVE-2025-13945 describes a medium-severity vulnerability affecting Wireshark versions 4.6.0 and 4.6.1. This vulnerability resides in the HTTP3 dissector and can lead to a denial-of-service (DoS) condition if Wireshark processes a specially crafted packet. This article provides a detailed analysis of the vulnerability, its potential impact, and recommended mitigation strategies.
    Technical Details
    The vulnerability stems from a flaw in how the HTTP3 dissector handles malformed or unexpected data. Specifically, a crafted packet exploiting this flaw can cause Wireshark to crash, rendering it unable to analyze network traffic. The exact nature of the flaw is within the dissection logic of…

  • Cybersecurity Vulnerabilities

    Urgent: Critical Remote Code Execution Vulnerability in ACF Extended Plugin (CVE-2025-13486)

    Overview
    A critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-13486, has been discovered in the Advanced Custom Fields: Extended plugin for WordPress. This vulnerability affects versions 0.9.0.5 through 0.9.1.1, allowing unauthenticated attackers to execute arbitrary code on the server. Immediate action is required to mitigate this risk.
    Technical Details
    The vulnerability resides in the prepare_form() function of the ACF Extended plugin. The function improperly handles user input, passing it directly to call_user_func_array(). This allows an attacker to inject malicious code through crafted requests, leading to Remote Code Execution. The lack of proper input sanitization and validation is the root…