• Cybersecurity Vulnerabilities

    Urgent Security Alert: Arbitrary File Upload in Featured Image via URL WordPress Plugin (CVE-2025-12153)

Overview
    A critical security vulnerability, identified as CVE-2025-12153, has been discovered in the Featured Image via URL plugin for WordPress. This vulnerability allows authenticated attackers with Contributor-level access or higher to upload arbitrary files to the affected WordPress server. This could lead to remote code execution (RCE) and full compromise of the website. All versions of the Featured Image via URL plugin up to and including version 0.1 are affected.

    Technical Details
    The vulnerability stems from missing file type validation within the plugin. When uploading a featured image via URL, the plugin fails to properly verify the…
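The pattern behind this class of bug, as an added example that is not the Featured Image via URL plugin's own code: a "sideload an image from a URL" handler in a vulnerable form that trusts the file name in the URL, and a hardened form that checks the caller's capability, fetches the file to a temporary path and verifies the real content type before anything reaches the media library. Function names are hypothetical; the WordPress helpers (download_url, wp_check_filetype_and_ext, media_handle_sideload) are core APIs.

```php
<?php
// Added example, not plugin code. Assumes WordPress is loaded.

// VULNERABLE: whatever the URL ends in becomes a file under wp-content/uploads.
// A Contributor who points this at https://attacker.example/shell.php gets a
// web-reachable PHP file, i.e. remote code execution.
function example_sideload_unchecked( $url, $post_id ) {
    $body   = wp_remote_retrieve_body( wp_remote_get( $url ) );
    $name   = basename( wp_parse_url( $url, PHP_URL_PATH ) );
    $upload = wp_upload_dir();
    file_put_contents( $upload['path'] . '/' . $name, $body ); // no type check at all
    return $upload['url'] . '/' . $name;
}

// HARDENED: capability, URL scheme, and content-type checks before storage.
function example_sideload_checked( $url, $post_id ) {
    // 1. Authorization: Contributors do not have upload_files by default, and the
    //    caller must also be allowed to edit the post receiving the thumbnail.
    if ( ! current_user_can( 'upload_files' ) || ! current_user_can( 'edit_post', $post_id ) ) {
        return new WP_Error( 'forbidden', 'Not allowed to upload files.' );
    }

    // 2. Only http(s) URLs are fetched.
    $url = esc_url_raw( $url, array( 'http', 'https' ) );
    if ( '' === $url ) {
        return new WP_Error( 'bad_url', 'Invalid URL.' );
    }

    // 3. Fetch to a temp file with the core helper (applies its own size limits).
    require_once ABSPATH . 'wp-admin/includes/file.php';
    require_once ABSPATH . 'wp-admin/includes/media.php';
    require_once ABSPATH . 'wp-admin/includes/image.php';
    $tmp = download_url( $url, 30 );
    if ( is_wp_error( $tmp ) ) {
        return $tmp;
    }

    // 4. Verify the actual file type, not the extension that appears in the URL.
    //    Only these image types are accepted, whatever the URL claims.
    $allowed = array(
        'jpg|jpeg|jpe' => 'image/jpeg',
        'png'          => 'image/png',
        'gif'          => 'image/gif',
        'webp'         => 'image/webp',
    );
    $name  = sanitize_file_name( basename( wp_parse_url( $url, PHP_URL_PATH ) ) );
    $check = wp_check_filetype_and_ext( $tmp, $name, $allowed );
    if ( empty( $check['type'] ) || ! in_array( $check['type'], $allowed, true ) ) {
        @unlink( $tmp );
        return new WP_Error( 'bad_type', 'Only JPEG, PNG, GIF or WebP images are accepted.' );
    }
    // Core may return a corrected name (a PNG sent as "x.jpg" becomes "x.png"); use it.
    if ( ! empty( $check['proper_filename'] ) ) {
        $name = $check['proper_filename'];
    }

    // 5. Hand the temp file to the media library, which stores it under a safe name.
    $file_array    = array( 'name' => $name, 'tmp_name' => $tmp );
    $attachment_id = media_handle_sideload( $file_array, $post_id );
    if ( is_wp_error( $attachment_id ) ) {
        @unlink( $tmp );
        return $attachment_id;
    }
    set_post_thumbnail( $post_id, $attachment_id );
    return $attachment_id;
}
```

The check that matters is step 4: wp_check_filetype_and_ext() inspects the bytes of the temporary file (for images, through the image header), so a PHP script renamed to .jpg is rejected even though its extension is on the allow list.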

  • Cybersecurity Vulnerabilities

    CVE-2025-12133: Medium Severity Vulnerability in EPROLO Dropshipping Plugin

Overview
    A medium severity vulnerability, identified as CVE-2025-12133, has been discovered in the EPROLO Dropshipping plugin for WordPress. This vulnerability affects versions up to and including 2.3.1 and allows authenticated attackers with Subscriber-level access or higher to modify and delete tracking data. This can lead to data manipulation and potential supply chain disruptions for WooCommerce store owners using the plugin.

    Technical Details
    The vulnerability stems from a missing capability check on the wp_ajax_eprolo_delete_tracking and wp_ajax_eprolo_save_tracking_data AJAX endpoints. These endpoints are responsible for deleting and saving tracking information associated with orders managed through the EPROLO Dropshipping plugin. Due to the lack…
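What a missing capability check on a wp_ajax_* endpoint looks like, and the fix, as an added example that is not the EPROLO plugin's code. wp_ajax_* hooks fire for any logged-in user, Subscribers included, so a login is not authorization; the handler has to ask who is calling. The action names and meta key below are hypothetical; wc_get_order(), check_ajax_referer() and current_user_can() are WooCommerce/WordPress core APIs.

```php
<?php
// Added example, not plugin code. Assumes WordPress and WooCommerce are loaded.

// VULNERABLE: registered for every logged-in user, with no capability or nonce
// check. Any Subscriber can overwrite the tracking number of any order.
add_action( 'wp_ajax_example_save_tracking', 'example_save_tracking_unchecked' );
function example_save_tracking_unchecked() {
    $order = wc_get_order( (int) $_POST['order_id'] );
    $order->update_meta_data( '_example_tracking_number', $_POST['tracking'] );
    $order->save();
    wp_send_json_success();
}

// HARDENED
add_action( 'wp_ajax_example_save_tracking_v2', 'example_save_tracking_checked' );
function example_save_tracking_checked() {
    // 1. CSRF: the request must carry a nonce issued to this user for this action.
    //    check_ajax_referer() terminates the request (HTTP 403) when it fails.
    check_ajax_referer( 'example_tracking', 'nonce' );

    // 2. Authorization: only users who may manage the shop's orders. This is the
    //    check the advisory says is missing.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    // 3. Input validation: the target must be an order, and the tracking value a
    //    short, plain string.
    $order_id = isset( $_POST['order_id'] ) ? absint( $_POST['order_id'] ) : 0;
    $order    = $order_id ? wc_get_order( $order_id ) : false;
    if ( ! $order ) {
        wp_send_json_error( array( 'message' => 'Unknown order.' ), 400 );
    }
    $tracking = isset( $_POST['tracking'] ) ? sanitize_text_field( wp_unslash( $_POST['tracking'] ) ) : '';
    if ( '' === $tracking || strlen( $tracking ) > 64 || ! preg_match( '/^[A-Za-z0-9-]+$/', $tracking ) ) {
        wp_send_json_error( array( 'message' => 'Invalid tracking number.' ), 400 );
    }

    $order->update_meta_data( '_example_tracking_number', $tracking );
    $order->save();
    wp_send_json_success( array( 'order_id' => $order_id ) );
}

// The JavaScript that calls this handler must send the nonce produced by
// wp_create_nonce( 'example_tracking' ), typically passed via wp_localize_script().
```

The nonce (step 1) and the capability check (step 2) are separate controls: a nonce proves the request came from a page this user loaded, not that the user is allowed to perform the action. Each WooCommerce plugin endpoint that changes order data needs both.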

  • Cybersecurity Vulnerabilities

    CVE-2025-12128: Critical CSRF Vulnerability Discovered in “Hide Categories Or Products On Shop Page” WordPress Plugin

Overview
    CVE-2025-12128 identifies a Cross-Site Request Forgery (CSRF) vulnerability present in the “Hide Categories Or Products On Shop Page” WordPress plugin. This security flaw affects all versions up to and including version 1.0.7. The vulnerability stems from a lack of proper nonce validation within the save_data_hcps() function. This allows an unauthenticated attacker to potentially modify the plugin’s settings by crafting a malicious request and tricking a logged-in administrator into executing it (e.g., by clicking a link).

    Technical Details
    The core of the vulnerability lies in the save_data_hcps() function, which is responsible for saving the plugin’s configuration settings. The absence of…

  • Cybersecurity Vulnerabilities

    FitVids for WordPress Plugin Under Attack: Stored XSS Vulnerability (CVE-2025-12124)

Overview
    CVE-2025-12124 details a Stored Cross-Site Scripting (XSS) vulnerability found in the FitVids for WordPress plugin. This vulnerability affects versions up to and including 4.0.1. Attackers with administrator-level permissions can inject malicious JavaScript code into the plugin’s settings. This code then executes whenever a user accesses a page where the injected settings are displayed. This vulnerability is particularly relevant for multi-site installations or installations where the unfiltered_html capability has been explicitly disabled.

    Technical Details
    The vulnerability stems from insufficient input sanitization and output escaping within the FitVids plugin’s admin settings panel. Specifically, user-supplied data submitted through the plugin’s configuration options…

  • Cybersecurity Vulnerabilities

    CVE-2025-10055: Time Sheets Plugin Under Attack! CSRF Vulnerability Requires Immediate Action

Overview
    A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Time Sheets plugin for WordPress, tracked as CVE-2025-10055. This vulnerability affects all versions of the plugin up to and including 2.1.3. Successful exploitation of this flaw allows unauthenticated attackers to perform actions on behalf of a site administrator, provided they can trick the administrator into clicking a malicious link or performing an unintended action.

    Technical Details
    The Time Sheets plugin, in versions 2.1.3 and earlier, lacks proper nonce validation on several endpoints. Nonces are security tokens designed to prevent CSRF attacks. The absence of or improper implementation of…
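A minimal settings page that carries the controls the three WordPress entries above describe as missing: nonce validation on the save handler (the CSRF findings in the Hide Categories Or Products On Shop Page and Time Sheets plugins) and sanitizing on save plus escaping on output (the stored XSS finding in FitVids). This is an added example, not the code of any of those plugins; option, action and function names are hypothetical, while wp_nonce_field(), check_admin_referer(), sanitize_text_field(), esc_attr() and wp_json_encode() are WordPress core functions.

```php
<?php
// Added example, not plugin code. Assumes WordPress is loaded.

// Settings form. wp_nonce_field() embeds a token tied to the current user and
// to this action, so a request forged from another origin cannot carry a valid one.
function example_render_settings_page() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Not allowed.' );
    }
    $opts = get_option( 'example_settings', array( 'selector' => '', 'hide_ids' => array() ) );
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_save_settings">
        <?php wp_nonce_field( 'example_save_settings', '_example_nonce' ); ?>
        <!-- esc_attr() on output: stored data cannot break out of the attribute. -->
        <input type="text" name="selector" value="<?php echo esc_attr( $opts['selector'] ); ?>">
        <input type="text" name="hide_ids" value="<?php echo esc_attr( implode( ',', $opts['hide_ids'] ) ); ?>">
        <?php submit_button(); ?>
    </form>
    <?php
}

// Save handler. The vulnerable shape the advisories describe is this same
// function without steps 1 and 2 and with $_POST stored as-is.
add_action( 'admin_post_example_save_settings', 'example_save_settings' );
function example_save_settings() {
    // 1. CSRF: check_admin_referer() verifies the nonce (and the referer) and
    //    stops the request with "The link you followed has expired." on failure.
    check_admin_referer( 'example_save_settings', '_example_nonce' );

    // 2. Authorization, independent of the nonce.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Not allowed.', '', array( 'response' => 403 ) );
    }

    // 3. Sanitize on save: the selector is plain text, the IDs are integers.
    $selector = isset( $_POST['selector'] ) ? sanitize_text_field( wp_unslash( $_POST['selector'] ) ) : '';
    $hide_ids = isset( $_POST['hide_ids'] )
        ? array_filter( array_map( 'absint', explode( ',', wp_unslash( $_POST['hide_ids'] ) ) ) )
        : array();

    update_option( 'example_settings', array(
        'selector' => $selector,
        'hide_ids' => array_values( $hide_ids ),
    ) );

    wp_safe_redirect( add_query_arg( 'updated', '1', wp_get_referer() ) );
    exit;
}

// Front-end output: escape again at the point of use. Stored data is not
// trusted just because it was sanitized on the way in.
add_action( 'wp_head', 'example_print_inline_script' );
function example_print_inline_script() {
    $opts = get_option( 'example_settings' );
    if ( empty( $opts['selector'] ) ) {
        return;
    }
    // wp_json_encode() produces a JavaScript string literal; "/" is escaped as
    // "\/", so a stored "</script>" cannot terminate the script block.
    printf(
        '<script>document.querySelectorAll(%s).forEach(function (e) { e.dataset.example = "1"; });</script>',
        wp_json_encode( $opts['selector'] )
    );
}
```

The stored-XSS entry notes that the bug matters where administrators lack unfiltered_html (multisite, or sites that remove the capability). That is exactly the situation the escaping in the last two functions covers: a user who is allowed to set the option is still not allowed to emit arbitrary markup through it.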

  • Cybersecurity Vulnerabilities

    CKFinder ASP.NET Exposed: Arbitrary File Download Vulnerability (CVE-2016-20023)

Overview
    CVE-2016-20023 describes a medium severity vulnerability affecting CKSource CKFinder before version 2.5.0.1 for ASP.NET. This vulnerability allows authenticated users to download arbitrary files from the server if they can provide the correct path to the target file. This poses a significant security risk as sensitive information stored on the server could be exposed.

    Technical Details
    The vulnerability stems from insufficient access control checks within CKFinder’s file download functionality. Authenticated users, even with limited privileges, could bypass intended restrictions by manipulating the file path parameter in a download request. This bypass allowed them to request and receive files outside of…
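The check an arbitrary-file-download endpoint like this one is missing, as an added example that is not CKFinder's code (CKFinder for ASP.NET is C#; the same check is shown here in PHP to match the rest of this page). The download handler has to resolve the requested path to its real location and confirm it still lies inside the directory the user may read; comparing or filtering the raw parameter is not enough, because "..", absolute paths and symlinks all change where the final path lands. Function names are hypothetical; PHP 8 on a Unix-like system is assumed.

```php
<?php
// Added example, not CKFinder code. Assumes PHP 8+ on Linux/macOS.

/**
 * Resolve $requested against $base_dir and return the real path, or null when
 * the result escapes $base_dir (via "..", an absolute path, a symlink, etc.).
 */
function example_resolve_inside( string $base_dir, string $requested ): ?string {
    $base = realpath( $base_dir );
    if ( false === $base ) {
        return null;
    }
    // NUL bytes and back-slashes have both been used to confuse path handling;
    // there is no legitimate reason for either in a file name here.
    if ( str_contains( $requested, "\0" ) || str_contains( $requested, '\\' ) ) {
        return null;
    }
    // Always join to the base; a leading "/" must not turn this into an absolute path.
    $target = realpath( $base . DIRECTORY_SEPARATOR . ltrim( $requested, '/' ) );
    if ( false === $target ) {
        return null; // does not exist, or a symlink that leads nowhere
    }
    // After canonicalisation the path must be $base itself or start with "$base/".
    // The separator matters: "/srv/files2/x" must not pass for base "/srv/files".
    if ( $target !== $base && ! str_starts_with( $target, $base . DIRECTORY_SEPARATOR ) ) {
        return null;
    }
    return $target;
}

/** Send the file, or a 404 that does not reveal whether the path exists. */
function example_download( string $base_dir, string $requested ): void {
    $path = example_resolve_inside( $base_dir, $requested );
    if ( null === $path || ! is_file( $path ) ) {
        http_response_code( 404 );
        exit;
    }
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename="' . rawurlencode( basename( $path ) ) . '"' );
    header( 'X-Content-Type-Options: nosniff' );
    readfile( $path );
    exit;
}

// Constructed demonstration for the CLI: one legitimate file under a scratch
// directory, then three requests that must be refused.
$base = sys_get_temp_dir() . '/example-files';
@mkdir( $base );
file_put_contents( "$base/report.pdf", 'constructed sample content' );
var_dump( example_resolve_inside( $base, 'report.pdf' ) );        // real path of the sample file
var_dump( example_resolve_inside( $base, '../../etc/passwd' ) ); // escapes the base
var_dump( example_resolve_inside( $base, '/etc/passwd' ) );      // joined to base, not found there
var_dump( example_resolve_inside( $base, "report.pdf\0.txt" ) ); // NUL byte
```

realpath() returns false for paths that do not exist, which is why the existence check and the containment check are done on its output rather than on the request string. Per-user restrictions (CKFinder's resource-type ACLs, in the original) belong on top of this: containment only guarantees the file is under the base, not that this user may read it.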

  • Cybersecurity Vulnerabilities

    CVE-2025-32901: KDE Connect Android Under Attack? Analyzing the Broadcast UDP Crash Vulnerability

Overview
    CVE-2025-32901 is a security vulnerability affecting KDE Connect versions prior to 1.33.0 on the Android platform. This vulnerability arises from the application’s handling of malicious device IDs received via broadcast UDP packets. A specially crafted device ID could trigger a crash of the KDE Connect application on affected Android devices.

    Technical Details
    The vulnerability stems from insufficient validation of the device ID received through broadcast UDP messages. KDE Connect uses UDP broadcasts to discover other devices on the network running the application. The affected versions of KDE Connect are susceptible to a malformed device ID leading to an unhandled…

  • Cybersecurity Vulnerabilities

    KDE Connect Under Attack? CVE-2025-32899 Forces Unpairing on Android

Overview
    CVE-2025-32899 describes a medium severity vulnerability affecting KDE Connect versions prior to 1.33.0 on Android. This flaw allows an attacker to craft a malicious network packet that, when received by a paired KDE Connect device, forces the device to unpair from its connected partner. This vulnerability is triggered by a specially crafted discovery packet sent over broadcast UDP.

    Technical Details
    The vulnerability resides in KDE Connect’s discovery mechanism, which relies on UDP broadcast packets to identify and establish connections between devices. The crafted packet exploits a weakness in the parsing or validation of incoming discovery packets. Specifically, the…

  • Cybersecurity Vulnerabilities

    CVE-2025-32898: KDE Connect Verification Code Vulnerability – Are You at Risk?

Overview
    CVE-2025-32898 is a medium severity vulnerability affecting KDE Connect and related applications. This vulnerability stems from the use of an insufficiently robust verification-code protocol, making the application susceptible to brute-force attacks. This issue has been addressed in updated versions of KDE Connect.

    Technical Details
    The KDE Connect verification-code protocol, specifically in versions prior to the fixes released on 2025-04-18, uses only 8 characters for its verification codes. This short code length limits the entropy, making it feasible for attackers to exhaustively test the possible code values within a reasonable timeframe. Successfully brute-forcing the code allows an attacker to establish…

  • Cybersecurity Vulnerabilities

    CVE-2025-13494: High-Severity Data Leak in SSP Debug WordPress Plugin

Overview
    CVE-2025-13494 identifies a sensitive information exposure vulnerability in the SSP Debug plugin for WordPress. This vulnerability affects all versions of the plugin up to and including 1.0.0. The core issue lies in the plugin’s storage of PHP error logs in a publicly accessible location without proper access controls, potentially revealing sensitive information to unauthorized users.

    Technical Details
    The SSP Debug plugin, designed to assist with debugging WordPress sites, inadvertently saves PHP error logs to a predictable and web-accessible directory: wp-content/uploads/ssp-debug/ssp-debug.log. Due to the absence of access restrictions on this directory, any unauthenticated attacker can directly access the log file…
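Where a debug plugin should write its log instead, as an added example that is not the SSP Debug plugin's code. The first choice is a directory outside the document root; when the hosting layout does not allow that, the fallback keeps the log under wp-content/uploads but denies direct requests with an .htaccess (Apache 2.4 syntax), blocks directory listings, and uses a per-site random file name so the path is not predictable. Nginx ignores .htaccess, so the equivalent server rule is given at the end for the operator to add. Directory, option and function names are hypothetical; wp_mkdir_p(), wp_is_writable(), wp_upload_dir() and wp_generate_password() are WordPress core functions.

```php
<?php
// Added example, not plugin code. Assumes WordPress is loaded.

function example_debug_log_path(): string {
    // Option 1: outside the web root. ABSPATH is the WordPress install directory;
    // its parent is normally not served by the web server.
    $outside = dirname( ABSPATH ) . '/example-debug-logs';
    if ( ( is_dir( $outside ) || wp_mkdir_p( $outside ) ) && wp_is_writable( $outside ) ) {
        return $outside . '/debug.log';
    }

    // Option 2: inside uploads, but with access denied and an unguessable name.
    $upload = wp_upload_dir();
    $dir    = $upload['basedir'] . '/example-debug';
    wp_mkdir_p( $dir );

    // Apache 2.4: refuse every request to this directory (2.2 would need "Deny from all").
    if ( ! file_exists( "$dir/.htaccess" ) ) {
        file_put_contents( "$dir/.htaccess", "Require all denied\n" );
    }
    // Stop directory listings on servers that still allow them.
    if ( ! file_exists( "$dir/index.php" ) ) {
        file_put_contents( "$dir/index.php", "<?php // silence is golden\n" );
    }

    // The advisory's path, uploads/ssp-debug/ssp-debug.log, is guessable. A random
    // per-site suffix, stored as a non-autoloaded option, removes that property.
    $suffix = get_option( 'example_debug_log_suffix' );
    if ( ! $suffix ) {
        $suffix = wp_generate_password( 32, false );
        update_option( 'example_debug_log_suffix', $suffix, false );
    }
    return "$dir/debug-$suffix.log";
}

// Point PHP's error log at the chosen path. Core does the equivalent when
// WP_DEBUG_LOG is set to a path string in wp-config.php, which is the simpler
// route when the site owner controls that file.
add_action( 'plugins_loaded', function () {
    ini_set( 'log_errors', '1' );
    ini_set( 'error_log', example_debug_log_path() );
} );

/*
 * Nginx equivalent of the .htaccess above, for the server block:
 *
 *   location ^~ /wp-content/uploads/example-debug/ { return 404; }
 */
```

Two of the three controls in the fallback are defence in depth only: the random name and the index.php stop guessing and listing, but the access rule is what actually prevents a client that knows the full path from reading the file. Verify it after deployment by requesting the log URL anonymously and confirming a 403 or 404.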