Overview CVE-2025-11734 is a medium-severity vulnerability affecting the “Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links” plugin for WordPress, specifically versions up to and including 1.2.5. This vulnerability allows authenticated attackers with contributor-level access or higher to trash arbitrary posts without proper authorization checks. By exploiting this flaw, a malicious contributor can effectively delete any post on the WordPress site, regardless of their intended privileges. Technical Details The root cause of this vulnerability lies in the plugin’s implementation of a REST API endpoint. The /wp-json/aioseoBrokenLinkChecker/v1/post endpoint, intended for managing post-related broken link checks, is insufficiently protected.…
-
-
Overview CVE-2025-9625 identifies a Cross-Site Request Forgery (CSRF) vulnerability affecting the Coil Web Monetization plugin for WordPress. This vulnerability exists in versions up to and including 2.0.2. It allows unauthenticated attackers to potentially trigger CSS selector detection functionality by crafting a malicious request and tricking an administrator into executing it. This could lead to unauthorized actions performed on the website on behalf of the administrator. Technical Details The vulnerability stems from the insufficient or absent nonce validation for the `coil-get-css-selector` parameter within the `maybe_restrict_content` function of the Coil plugin. This means that an attacker can construct a malicious HTTP request…
-
Overview A significant security vulnerability, identified as CVE-2025-8609, has been discovered in the RTMKit Addons for Elementor plugin for WordPress. This flaw is a Stored Cross-Site Scripting (XSS) vulnerability that could allow attackers to inject malicious scripts into your website. This vulnerability affects all versions up to and including 1.6.1 of the RTMKit Addons for Elementor plugin. Technical Details The vulnerability resides within the Accordion Block of the plugin. Specifically, the issue stems from insufficient input sanitization and output escaping on user-supplied attributes within the Accordion block’s settings. This means that an authenticated attacker with contributor-level access or higher can…
-
Overview This article details a Stored Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-8605, affecting the Gutenify – Visual Site Builder Blocks & Site Templates plugin for WordPress. This vulnerability allows authenticated attackers with contributor-level access or higher to inject malicious JavaScript code into website pages. This code executes whenever a user views the affected page, potentially leading to account compromise, data theft, and website defacement. Technical Details CVE-2025-8605 stems from insufficient input sanitization and output escaping within the Gutenify plugin’s block attributes. Specifically, user-supplied attributes are not properly validated or encoded before being stored in the WordPress database and subsequently…
-
Overview A critical vulnerability, identified as CVE-2025-40549, has been discovered in Serv-U, a widely used managed file transfer server. This vulnerability allows a malicious actor with existing administrative privileges to bypass path restrictions and potentially execute arbitrary code within a directory. While requiring admin access mitigates the overall risk, the potential for severe impact warrants immediate attention and patching. Technical Details CVE-2025-40549 is a path restriction bypass vulnerability. Exploitation requires the attacker to already possess administrative privileges within the Serv-U environment. Once authenticated with administrative rights, the attacker can manipulate path configurations to circumvent intended restrictions. This allows the actor…
-
Overview CVE-2025-40548 is a critical vulnerability affecting Serv-U file transfer protocol servers. This flaw stems from a missing validation process that, when exploited by a malicious actor with administrative privileges, can lead to arbitrary code execution on the affected system. While administrative access is required, the potential impact of this vulnerability is severe, particularly on Windows deployments where Serv-U services often run under less-privileged service accounts. Technical Details The vulnerability lies in the lack of proper input validation within a specific functionality of Serv-U. An attacker with administrative credentials can leverage this missing validation to inject malicious code, which the…
-
Overview A critical vulnerability, identified as CVE-2025-40547, has been discovered and patched in SolarWinds Serv-U. This logic error, if exploited by a malicious actor with administrative privileges, could lead to arbitrary code execution on the affected system. Due to the high potential impact, it’s crucial to understand the details of this vulnerability and apply the necessary mitigations. Technical Details CVE-2025-40547 is a logic error vulnerability within the Serv-U application. While specific details regarding the vulnerable code are not publicly available, the advisory indicates that a malicious actor who already possesses administrative credentials on the Serv-U instance can leverage this flaw…
-
Overview CVE-2025-40545 details an open redirection vulnerability found in SolarWinds Observability Self-Hosted. This security flaw allows attackers to potentially redirect users to malicious websites by manipulating the URL parameters. While the attack complexity is considered high and authentication is required, the impact can still be significant. It’s crucial to understand the technical details and implement the recommended mitigation steps. Technical Details The vulnerability arises from insufficient sanitization of URL parameters within the SolarWinds Observability Self-Hosted application. An attacker could craft a malicious URL containing a redirect payload. If a legitimate, authenticated user clicks on this crafted link, they could be…
-
Overview CVE-2025-26391 details a Cross-Site Scripting (XSS) vulnerability identified in the SolarWinds Observability Self-Hosted platform. This vulnerability allows attackers with low-level authenticated access to inject malicious scripts into user-created URL fields, potentially leading to unauthorized actions, data theft, or other malicious activities. Technical Details The vulnerability resides in the way the SolarWinds Observability platform handles user-supplied input within URL fields. Specifically, insufficient sanitization and encoding of user-provided data allows an attacker to inject malicious JavaScript code. When a user accesses a page containing the injected script, the script executes in the user’s browser, operating within the security context of the…
-
Overview A high-severity Local File Inclusion (LFI) vulnerability has been discovered in the Category and Product Woocommerce Tabs plugin for WordPress. This vulnerability, identified as CVE-2025-13088, affects all versions of the plugin up to and including version 1.0. Successful exploitation of this vulnerability allows authenticated attackers with Contributor-level access or higher to include and execute arbitrary PHP files on the server, potentially leading to complete system compromise. Technical Details The vulnerability lies in the categoryProductTab() function within the plugin’s code. Specifically, the ‘template’ parameter lacks sufficient input validation. An attacker can manipulate this parameter to include arbitrary local files on…