  • Cybersecurity Vulnerabilities

    CVE-2025-13354: Critical Authorization Bypass in TaxoPress WordPress Plugin

    Overview

    CVE-2025-13354 describes an authorization bypass vulnerability found in the Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin (TaxoPress) for WordPress. This vulnerability affects all versions up to and including 3.40.1. Due to improper authorization checks within the taxopress_merge_terms_batch function, authenticated attackers with subscriber-level access or higher can potentially merge or delete arbitrary taxonomy terms. This could lead to data corruption, loss of site structure, and potentially further exploitation.

    Technical Details

    The vulnerability lies in the taxopress_merge_terms_batch function within the TaxoPress plugin. The plugin fails to adequately verify if a user has the necessary permissions to perform…

  • Cybersecurity Vulnerabilities

    Urgent: Critical Vulnerability in Frontend Admin WordPress Plugin (CVE-2025-13342)

    Overview

    A critical security vulnerability, identified as CVE-2025-13342, has been discovered in the Frontend Admin plugin by DynamiApps for WordPress. This vulnerability affects all versions up to and including 3.28.20. It allows unauthenticated attackers to remotely modify sensitive WordPress options. If you are using this plugin, it is imperative that you update to the latest version immediately.

    Technical Details

    The vulnerability stems from insufficient capability checks and lack of input validation within the ActionOptions::run() save handler. This function, responsible for saving frontend form data, fails to adequately verify user permissions or sanitize input. As a result, an unauthenticated attacker can…

  • Cybersecurity Vulnerabilities

    CVE-2025-13109: HUSKY Plugin Vulnerability Exposes WooCommerce Users to Search Query Manipulation

    Overview

    CVE-2025-13109 is a medium-severity vulnerability affecting the HUSKY – Products Filter Professional for WooCommerce plugin for WordPress. This Insecure Direct Object Reference (IDOR) flaw allows authenticated attackers, even with subscriber-level access, to manipulate saved search queries associated with other users, including administrators. The vulnerability exists in versions up to and including 1.3.7.2.

    Technical Details

    The vulnerability stems from missing validation on a user-controlled key within the woof_add_query and woof_remove_query functions. Specifically, the plugin fails to properly verify if the user initiating the request has the authority to modify the saved search queries associated with the targeted user’s profile. This…

  • Cybersecurity Vulnerabilities

    Urgent: Critical Authorization Bypass Found in Post SMTP WordPress Plugin (CVE-2025-12887)

    Overview

    This article details a medium-severity authorization bypass vulnerability identified as CVE-2025-12887 affecting the Post SMTP plugin for WordPress, versions up to and including 3.6.1. This vulnerability allows authenticated attackers (subscriber level and above) to inject invalid or attacker-controlled OAuth credentials, potentially compromising email sending functionality and associated data.

    Technical Details

    The vulnerability resides in the handle_gmail_oauth_redirect function of the Post SMTP plugin. The core issue is that the plugin fails to adequately verify if the user accessing this function is authorized to update OAuth tokens. An attacker with an authenticated WordPress account (even with minimal privileges like a subscriber…

  • Cybersecurity Vulnerabilities

    CVE-2025-12358: Critical CSRF Vulnerability in ShopEngine WordPress Plugin – Update Now!

    Overview

    CVE-2025-12358 is a medium-severity Cross-Site Request Forgery (CSRF) vulnerability found in the ShopEngine Elementor WooCommerce Builder Addon plugin for WordPress. This vulnerability affects all versions up to and including 4.8.5. It allows unauthenticated attackers to add or remove products from a user’s wishlist without their consent, potentially manipulating customer data and impacting the integrity of your online store.

    Technical Details

    The vulnerability stems from two key issues:

    Missing nonce validation in the “post_add_to_list” function: The “post_add_to_list” function, responsible for adding or removing items from a wishlist, lacks proper nonce validation. Nonces are cryptographic tokens used to verify that a…

  • Cybersecurity Vulnerabilities

    CVE-2025-39665: Unveiling NagVis User Enumeration Vulnerability in Checkmk MultisiteAuth

    Overview

    CVE-2025-39665 describes a user enumeration vulnerability found in NagVis’ Checkmk MultisiteAuth. This vulnerability affects versions prior to 1.9.48. An unauthenticated attacker can exploit this flaw to enumerate valid Checkmk usernames. This information can then potentially be used in further attacks, such as brute-force attempts or social engineering.

    Technical Details

    The vulnerability resides within the authentication handling of the Checkmk MultisiteAuth component in NagVis. The specific mechanism allowing user enumeration is not fully detailed in the publicly available descriptions, but the vulnerability has been addressed in NagVis version 1.9.48. The fix likely involves changes to how the system handles invalid…

  • Cybersecurity Vulnerabilities

    Critical File Disclosure Vulnerability Found in WebKitGTK: CVE-2025-13947 Under Scrutiny

    Overview

    CVE-2025-13947 describes a high-severity vulnerability discovered in WebKitGTK, a widely used web browser engine. This flaw allows for the potential disclosure of sensitive files that the user has read access to. The vulnerability stems from inadequate validation of drag-and-drop operations, specifically failing to verify if a drag operation originated from outside the browser context. This can be exploited via a malicious website and user interaction.

    Technical Details

    The root cause of CVE-2025-13947 lies in WebKitGTK’s insufficient validation of the origin of drag-and-drop events. Normally, drag-and-drop functionality is intended to facilitate moving or copying data between different applications or within…

  • Cybersecurity Vulnerabilities

    ALZip Under Attack: CVE-2025-29864 Exposes Windows Users to SmartScreen Bypass

    Overview

    CVE-2025-29864 is a Protection Mechanism Failure vulnerability identified in ESTsoft ALZip, a popular file compression and archiving utility for Windows. This vulnerability allows attackers to bypass the Windows SmartScreen filter, potentially leading to the execution of malicious code disguised within seemingly harmless archives. This issue affects ALZip versions 12.01 up to, but not including, version 12.29.

    Technical Details

    The specifics of the vulnerability relate to how ALZip handles certain file operations or archive structures. A specially crafted archive, when processed by vulnerable versions of ALZip, can trigger a condition in which Windows SmartScreen is either not properly invoked or is bypassed entirely.…

  • Cybersecurity Vulnerabilities

    CVE-2025-13472: Unveiling a BlazeMeter Jenkins Plugin Information Disclosure

    Overview

    CVE-2025-13472 identifies a missing authorization vulnerability in the BlazeMeter Jenkins Plugin. Specifically, version 4.27 addressed an issue where all users, regardless of their assigned permissions within Jenkins, could view sensitive resource information. This information includes credential IDs, BlazeMeter workspace details, and BlazeMeter project IDs via a dropdown menu in the Jenkins UI. Prior to the fix implemented in version 4.27, this information disclosure could potentially be exploited by unauthorized users to gain access to sensitive BlazeMeter resources, leading to unintended consequences.

    Technical Details

    The vulnerability stemmed from a lack of proper authorization checks when displaying resource options within the…

  • Cybersecurity Vulnerabilities

    CVE-2025-12744: ABRT Daemon Under Attack – Root Privilege Escalation Alert!

    Overview

    CVE-2025-12744 is a critical vulnerability discovered in the Automatic Bug Reporting Tool (ABRT) daemon. This flaw allows an unprivileged local user to escalate their privileges to root. By exploiting a weakness in how ABRT handles user-supplied mount information, an attacker can inject malicious commands into a shell command executed by the root-running ABRT process, effectively gaining full root access to the system.

    Technical Details

    The vulnerability stems from insufficient validation of user-controlled data used in the docker inspect %s command within the ABRT daemon. Specifically, ABRT copies up to 12 characters from an untrusted input source and places them…