Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.5 CVE-2025-8067

Udisks: out-of-bounds read in udisks daemon_CVE-2025-8067

A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the l...

Red Hat Red Hat Enterprise Linux 10 CVE
HIGH 7.8 CVE-2025-58322

CVE-2025-58322_CVE-2025-58322

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary comm...

NAVER NAVER MYBOX Explorer 3.0.8.133 CVE
HIGH 7.1 CVE-2025-48359

WordPress ATT YouTube Widget plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-48359

Cross-Site Request Forgery (CSRF) vulnerability in thaihavnn07 ATT YouTube Widget allows Stored XSS. This issue affects ATT YouTube Widget: from n/...

thaihavnn07 ATT YouTube Widget n/a CVE
HIGH 7.1 CVE-2025-48353

WordPress Clickbank WordPress Plugin (Niche Storefront) plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-48353

Cross-Site Request Forgery (CSRF) vulnerability in dactum Clickbank WordPress Plugin (Niche Storefront) allows Stored XSS. This issue affects Click...

dactum Clickbank WordPress Plugin (Niche Storefront) n/a CVE
HIGH 7.1 CVE-2025-48351

WordPress Kento Splash Screen plugin <= 1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-48351

Cross-Site Request Forgery (CSRF) vulnerability in PluginsPoint Kento Splash Screen allows Stored XSS. This issue affects Kento Splash Screen: from...

PluginsPoint Kento Splash Screen n/a CVE
HIGH 7.1 CVE-2025-48343

WordPress WPMU Ldap Authentication plugin <= 5.0.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-48343

Cross-Site Request Forgery (CSRF) vulnerability in Aaron Axelsen WPMU Ldap Authentication allows Stored XSS. This issue affects WPMU Ldap Authentic...

Aaron Axelsen WPMU Ldap Authentication n/a CVE
HIGH 7.1 CVE-2025-48325

WordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-48325

Cross-Site Request Forgery (CSRF) vulnerability in shmish111 WP Admin Theme allows Stored XSS. This issue affects WP Admin Theme: from n/a through ...

shmish111 WP Admin Theme n/a CVE
HIGH 7.1 CVE-2025-48321

WordPress Ultimate twitter profile widget plugin <= 1.0 - CSRF to Stored XSS vulnerability_CVE-2025-48321

Cross-Site Request Forgery (CSRF) vulnerability in dyiosah Ultimate twitter profile widget allows Stored XSS. This issue affects Ultimate twitter p...

dyiosah Ultimate twitter profile widget n/a CVE
HIGH 7.1 CVE-2025-48320

WordPress 百度分享按钮 plugin <= 1.0.6 - CSRF to Stored XSS vulnerability_CVE-2025-48320

Cross-Site Request Forgery (CSRF) vulnerability in cuckoohello 百度分享按钮 allows Stored XSS. This issue affects 百度分享按钮: from n/a through 1....

cuckoohello 百度分享按钮 n/a CVE
HIGH 7.1 CVE-2025-48311

WordPress Invisible Optin plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-48311

Cross-Site Request Forgery (CSRF) vulnerability in OffClicks Invisible Optin allows Stored XSS. This issue affects Invisible Optin: from n/a throug...

OffClicks Invisible Optin n/a CVE