Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2025-39491 — Path: Traversal: '.../...//' vulnerability in WHMPress WHMpress whmpress allows Path Traversal.This issue affects WHMpress
Path Traversal: '.../...//' vulnerability in WHMPress WHMpress whmpress allows Path Traversal.This issue affects WHMpress: from n/a through <= 6.2-revision-9. CVSSv3.1 8.1 (HIGH)
CVE-2025-39481 — Imithemes Eventer: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through < 3.11.4. CVSSv3.1 9.3 (CRITICAL)
CVE-2025-32643 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPGYM gym-management allows Blind SQL Injection.This issue affects WPGYM: from n/a through < 67.8.0. CVSSv3.1 9.3 (CRITICAL)
CVE-2025-32310 — Site: Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal - Appointment Booking Calendar for WordPress
Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal - Appointment Booking Calendar for WordPress quickcal allows Privilege Escalation.This issue affects QuickCal - Appointment Booking Calendar for WordPress: from n/a through <= 1.0.15. CVSSv3.1 8.8 (HIGH)
CVE-2025-32307 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Chameleon HTML5 Audio Player With/Without Playlist lbg-audio1-html5 allows SQL Injection.This issue affects Chameleon HTML5 Audio Player With/Without Playlist: from n/a through <= 3.5.6. CVSSv3.1 8.5 (HIGH)
CVE-2025-32306 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Radio Player Shoutcast & Icecast WordPress Plugin audio4-html5 allows Blind SQL Injection.This issue affects Radio Player Shoutcast & Icecast WordPress Plugin: from n/a through <= 4.4.6. CVSSv3.1 8.5 (HIGH)
CVE-2025-32301 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup CountDown Pro WP Plugin circular_countdown allows SQL Injection.This issue affects CountDown Pro WP Plugin: from n/a through <= 2.7. CVSSv3.1 8.5 (HIGH)
CVE-2025-32290 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky HTML5 Music Player lbg-audio3-html5 allows SQL Injection.This issue affects Sticky HTML5 Music Player: from n/a through <= 3.1.6. CVSSv3.1 8.5 (HIGH)
CVE-2025-32287 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist lbg-audio2-html5 allows SQL Injection.This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through <= 3.5.7. CVSSv3.1 8.5 (HIGH)
CVE-2025-31928 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Multimedia Responsive Carousel with Image Video Audio Support multimedia-carousel allows SQL Injection.This issue affects Multimedia Responsive Carousel with Image Video Audio Support: from n/a through <= 2.6.0. CVSSv3.1 8.5 (HIGH)
CVE-2025-31926 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Sticky Radio Player lbg-audio5-html5-shoutcast_sticky allows SQL Injection.This issue affects Sticky Radio Player: from n/a through <= 3.4. CVSSv3.1 8.5 (HIGH)
CVE-2025-31641 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup UberSlider uber-classic allows SQL Injection.This issue affects UberSlider: from n/a through < 2.6. CVSSv3.1 8.5 (HIGH)
CVE-2025-31640 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Magic Responsive Slider and Carousel WordPress magic-carousel allows SQL Injection.This issue affects Magic Responsive Slider and Carousel WordPress: from n/a through < 1.6. CVSSv3.1 8.5 (HIGH)
CVE-2025-31637 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup SHOUT lbg-audio8-html5-radio_ads allows SQL Injection.This issue affects SHOUT: from n/a through <= 3.5.3. CVSSv3.1 8.5 (HIGH)
Volatility 3 2.26.0
Volatility 3 version 2.26.0 released, achieving functional parity with the deprecated Volatility 2 framework. The release includes 12 new Linux plugins (graphics, IP, kallsyms, module extraction, tracing), 5 new Windows plugins (deskscan, direct/indirect syscalls, suspended threads), and 1 new macOS plugin, along with modernized Python packaging via pyproject.toml and a new testing framework.
CVE-2025-3917 — WordPress: The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing
The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL)
CVE-2025-3909 — Mozilla Thunderbird: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// p CVSSv3.1 8.1 (HIGH)
go-invoker-clr — Good CLR Host with Native patchless AMSI Bypass
go-invoker-clr is a Go-based tool that hosts and executes .NET assemblies with a patchless AMSI bypass by implementing a custom IHostControl interface. The technique leverages Load_2 instead of Load_3 to circumvent AMSI detection without memory patching, building on prior research from IBM X-Force Red and community work.
CVE-2025-30386 — Microsoft 365_apps: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH) · EPSS 69th percentile
CVE-2025-31223 — Apple Safari: Processing maliciously crafted web content may lead to memory corruption.
The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption. CVSSv3.1 8.0 (HIGH)
CVE-2025-47682 — Cozyvision Sms_alert_order_notifications: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS Alert Order Notifications: from n/a through <= 3.8.1. CVSSv3.1 9.3 (CRITICAL) · EPSS 47th percentile
CVE-2025-28200 — Govicture Rx1800_firmware: Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the
Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address. CVSSv3.1 9.8 (CRITICAL) · EPSS 46th percentile
Before You Red Team: Fix These 5 Common Mistakes
Bishop Fox publishes defensive guidance based on 20+ years of red team engagements, identifying five recurring security gaps exploited in ~90% of assessments: improper secrets management, excessive user privileges, flat network architecture, over-reliance on user training against social engineering, and weak/default security detections. The article emphasizes that attackers exploit these patterns systematically rather than relying on zero-days, and provides mitigation strategies for each category.
CVE-2025-3605 — Frontend: The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the flr_blocks_user_settings_handle_ajax_callback() function. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage CVSSv3.1 9.8 (CRITICAL)
CVE-2025-3455 — Click: The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin
The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'start_restore' function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)