Overview CVE-2025-12954 identifies a vulnerability in the Timetable and Event Schedule by MotoPress WordPress plugin. Specifically, versions prior to 2.4.16 fail to properly verify user access permissions during event duplication. This flaw allows users with limited roles, such as Contributor, to duplicate events they shouldn’t have access to, effectively leading to arbitrary event disclosure. This poses a significant risk as sensitive event details could be exposed to unauthorized individuals, potentially impacting privacy and security of scheduled events. Technical Details The vulnerability stems from a lack of access control checks within the event duplication functionality of the plugin. When a user…
-
Overview CVE-2025-13495 identifies a critical SQL Injection vulnerability present in the FluentCart plugin for WordPress. This flaw affects all versions of the plugin up to and including version 1.3.1. An authenticated attacker with Administrator-level privileges or higher can exploit this vulnerability to inject malicious SQL queries, potentially leading to sensitive data extraction from the WordPress database. Technical Details The vulnerability resides in the handling of the groupKey parameter within the RevenueReportService.php file. Insufficient input sanitization and a lack of proper SQL query preparation allow malicious users to append arbitrary SQL code to existing database queries. The vulnerable code is located…
-
Overview CVE-2025-12585 identifies a sensitive information exposure vulnerability within the MxChat – AI Chatbot for WordPress plugin. This vulnerability affects all versions of the plugin up to and including 2.5.5. An unauthenticated attacker can exploit this flaw by leveraging predictable upload filenames to extract session values. These extracted session values can then be used to gain unauthorized access to user conversation data. Technical Details The vulnerability stems from the way the MxChat plugin handles file uploads. The plugin utilizes predictable filenames when storing user-generated content, such as attachments within chat conversations. These filenames inadvertently expose session-related information. An attacker can…
-
Overview CVE-2025-10304 is a medium severity vulnerability affecting the Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin for WordPress. This vulnerability allows unauthenticated attackers to delete backup progress files, potentially causing backups to fail while they are in progress. This affects all versions up to and including 2.3.8. Technical Details The vulnerability stems from a missing capability check on the process_status_unlink() function within the plugin. This means that any user, even those not logged in, can trigger this function. By sending a crafted request to the server, an unauthenticated attacker can initiate the deletion of backup progress…
-
Overview A critical security vulnerability has been identified in the Modula Image Gallery plugin for WordPress, tracked as CVE-2025-13646. This vulnerability allows authenticated attackers with Author-level access or higher to upload arbitrary files to the affected WordPress server. Due to missing file type validation in a specific function, this could potentially lead to remote code execution (RCE) through race conditions, posing a significant risk to websites using the plugin. Technical Details The vulnerability resides in the ajax_unzip_file function within the Modula Image Gallery plugin, specifically in versions 2.13.1 and 2.13.2. The lack of proper file type validation during the upload…
-
Overview A high-severity security vulnerability, identified as CVE-2025-13645, has been discovered in the Modula Image Gallery plugin for WordPress. This flaw allows authenticated attackers with Author-level access or higher to delete arbitrary files on the server. Successful exploitation of this vulnerability can lead to Remote Code Execution (RCE) if critical files, such as wp-config.php, are deleted. This vulnerability affects versions 2.13.1 and 2.13.2 of the Modula Image Gallery plugin. It is crucial to update to a patched version immediately. Technical Details The vulnerability exists within the ajax_unzip_file function, where insufficient file path validation allows for the deletion of files outside…
-
Overview This article details a Stored Cross-Site Scripting (XSS) vulnerability identified as CVE-2025-13448 affecting the CSSIgniter Shortcodes plugin for WordPress. The vulnerability allows authenticated attackers with Contributor-level access or higher to inject malicious JavaScript code into pages, which will execute whenever other users visit the affected pages. Technical Details The vulnerability resides within the ‘element’ attribute of a shortcode provided by the CSSIgniter Shortcodes plugin. Specifically, versions up to and including 2.4.1 are susceptible. The plugin fails to adequately sanitize user-supplied input passed through the ‘element’ attribute. This allows an attacker to inject arbitrary HTML and JavaScript code that is…
-
Overview CVE-2025-65955 is a medium severity vulnerability affecting ImageMagick, a popular open-source software suite used for displaying, converting, and editing raster image files. This vulnerability resides in the Magick++ layer and occurs when handling font families. Specifically, invoking Options::fontFamily with an empty string can lead to a double-free or use-after-free condition, potentially causing crashes or heap corruption. This issue has been addressed in ImageMagick versions 7.1.2-9 and 6.9.13-34. Technical Details The vulnerability stems from improper memory management within ImageMagick’s font handling routines. When Options::fontFamily is called with an empty string, it clears the font family, which in turn calls RelinquishMagickMemory…
-
Overview A high-severity vulnerability, identified as CVE-2025-66476, affects Vim, a popular open-source command-line text editor, on Windows platforms. This uncontrolled search path vulnerability allows an attacker to execute arbitrary code by placing a malicious executable in the same directory as the file being edited. It’s crucial to update Vim to version 9.1.1947 or later to mitigate this risk. Technical Details Vim versions prior to 9.1.1947 on Windows, when using cmd.exe, resolve external commands by searching the current working directory before system paths. This means that when Vim invokes external tools such as findstr (used for :grep), executes external commands or…
-
Overview CVE-2025-55181 is a medium severity vulnerability affecting Facebook’s Proxygen HTTP/3 library. This vulnerability allows a malicious actor to cause a denial-of-service (DoS) by triggering an infinite loop, leading to unbounded memory growth and eventual process termination due to out-of-memory conditions. Technical Details The vulnerability resides within the proxygen::coro::HTTPQuicCoroSession component. Specifically, sending an HTTP request or response body exceeding 2^31 bytes triggers an infinite loop. During this loop, the backing event loop is blocked, preventing other tasks from being processed. Crucially, with each iteration of the loop, data is unconditionally appended to a std::vector. This constant appending without proper size…