2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-39491 — Path: Traversal: '.../...//' vulnerability in WHMPress WHMpress whmpress allows Path Traversal.This issue affects WHMpress

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-39491

Path Traversal: '.../...//' vulnerability in WHMPress WHMpress whmpress allows Path Traversal.This issue affects WHMpress: from n/a through <= 6.2-revision-9. CVSSv3.1 8.1 (HIGH)

CWECWE 35TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-05-16
2025-05-16 16:15Z
CRIT

CVE-2025-39481 — Imithemes Eventer: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-39481

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through < 3.11.4. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89VNDImithemesTYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-05-16
2025-05-16 16:15Z
CRIT

CVE-2025-32643 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32643

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM gym-management allows Blind SQL Injection.This issue affects WPGYM: from n/a through < 67.8.0. CVSSv3.1 9.3 (CRITICAL)

CWECWE 89TYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-32310 — Site: Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal - Appointment Booking Calendar for WordPress

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32310

Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal - Appointment Booking Calendar for WordPress quickcal allows Privilege Escalation.This issue affects QuickCal - Appointment Booking Calendar for WordPress: from n/a through <= 1.0.15. CVSSv3.1 8.8 (HIGH)

CWECWE 352TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-32307 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32307

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Chameleon HTML5 Audio Player With/Without Playlist lbg-audio1-html5 allows SQL Injection.This issue affects Chameleon HTML5 Audio Player With/Without Playlist: from n/a through <= 3.5.6. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-32306 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32306

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Radio Player Shoutcast & Icecast WordPress Plugin audio4-html5 allows Blind SQL Injection.This issue affects Radio Player Shoutcast & Icecast WordPress Plugin: from n/a through <= 4.4.6. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-32301 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32301

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown Pro WP Plugin circular_countdown allows SQL Injection.This issue affects CountDown Pro WP Plugin: from n/a through <= 2.7. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
728 × 90 / responsive · programmatic ad slot
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-32290 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32290

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky HTML5 Music Player lbg-audio3-html5 allows SQL Injection.This issue affects Sticky HTML5 Music Player: from n/a through <= 3.1.6. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-32287 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-32287

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows SQL Injection.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through <= 3.5.7. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-31928 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31928

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Multimedia Responsive Carousel with Image Video Audio Support multimedia-carousel allows SQL Injection.This issue affects Multimedia Responsive Carousel with Image Video Audio Support: from n/a through <= 2.6.0. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-31926 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31926

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through <= 3.4. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-31641 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31641

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup UberSlider uber-classic allows SQL Injection.This issue affects UberSlider: from n/a through < 2.6. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-31640 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31640

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress magic-carousel allows SQL Injection.This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through < 1.6. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 16:15Z
HIGH

CVE-2025-31637 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31637

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup SHOUT lbg-audio8-html5-radio_ads allows SQL Injection.This issue affects SHOUT: from n/a through <= 3.5.3. CVSSv3.1 8.5 (HIGH)

CWECWE 89TYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2025-05-16
2025-05-16 13:24Z
INFO

Volatility 3 2.26.0

Volatility3 releases·github.com

Volatility 3 version 2.26.0 released, achieving functional parity with the deprecated Volatility 2 framework. The release includes 12 new Linux plugins (graphics, IP, kallsyms, module extraction, tracing), 5 new Windows plugins (deskscan, direct/indirect syscalls, suspended threads), and 1 new macOS plugin, along with modernized Python packaging via pyproject.toml and a new testing framework.

SRFApplicationSRFOsVNDVolatilityTYPTool
45
Edit Score
2025-05-15
2025-05-15 04:16Z
CRIT

CVE-2025-3917 — WordPress: The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-3917

The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL)

CWECWE 434VNDWordpressTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-05-14
2025-05-14 17:15Z
HIGH

CVE-2025-3909 — Mozilla Thunderbird: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-3909

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// p CVSSv3.1 8.1 (HIGH)

CWECWE 356VNDMozillaTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2025-05-14
2025-05-14 15:09Z
HIGH

go-invoker-clr — Good CLR Host with Native patchless AMSI Bypass

GitHub · EDR bypass / evasion·github.comGITHUB POC

go-invoker-clr is a Go-based tool that hosts and executes .NET assemblies with a patchless AMSI bypass by implementing a custom IHostControl interface. The technique leverages Load_2 instead of Load_3 to circumvent AMSI detection without memory patching, building on prior research from IBM X-Force Red and community work.

SRFApplicationSRFOsTACTA0005TYPResearchTYPToolSTGDefense EvasionSTGExecutionTECT1559.001
76
Edit Score
2025-05-13
2025-05-13 17:16Z
HIGH

CVE-2025-30386 — Microsoft 365_apps: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-30386

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH) · EPSS 69th percentile

CWECWE 416VNDMicrosoftTYPVulnerability
8.4
CVSS v3.1
92
Edit Score
2025-05-12
2025-05-12 22:15Z
HIGH

CVE-2025-31223 — Apple Safari: Processing maliciously crafted web content may lead to memory corruption.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-31223

The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. CVSSv3.1 8.0 (HIGH)

CWECWE 120CWECWE 119VNDAppleTYPVulnerability
8.0
CVSS v3.1
90
Edit Score
2025-05-12
2025-05-12 19:15Z
CRIT

CVE-2025-47682 — Cozyvision Sms_alert_order_notifications: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-47682

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.1. CVSSv3.1 9.3 (CRITICAL) · EPSS 47th percentile

CWECWE 89VNDCozyvisionTYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2025-05-09
2025-05-09 16:15Z
CRIT

CVE-2025-28200 — Govicture Rx1800_firmware: Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-28200

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address. CVSSv3.1 9.8 (CRITICAL) · EPSS 46th percentile

CWECWE 521VNDGovictureVNDVictureTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-05-09
2025-05-09 13:00Z
HIGH

Before You Red Team: Fix These 5 Common Mistakes

Bishop Fox Labs·bishopfox.com

Bishop Fox publishes defensive guidance based on 20+ years of red team engagements, identifying five recurring security gaps exploited in ~90% of assessments: improper secrets management, excessive user privileges, flat network architecture, over-reliance on user training against social engineering, and weak/default security detections. The article emphasizes that attackers exploit these patterns systematically rather than relying on zero-days, and provides mitigation strategies for each category.

SRFOsTACTA0004TACTA0001SRFNetworkSRFIdentityTACTA0003SRFCloudTACTA0008
68
Edit Score
2025-05-09
2025-05-09 07:16Z
CRIT

CVE-2025-3605 — Frontend: The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-3605

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage CVSSv3.1 9.8 (CRITICAL)

CWECWE 639VNDFrontendTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2025-05-09
2025-05-09 07:16Z
HIGH

CVE-2025-3455 — Click: The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2025-3455

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'start_restore' function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)

CWECWE 434VNDClickTYPVulnerability
8.8
CVSS v3.1
94
Edit Score