CVE ID : CVE-2025-4334 Published : June 26, 2025, 2:15 a.m. | 7 hours, 25 minutes ago Description : The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes…

CVE ID : CVE-2025-5590 Published : June 26, 2025, 2:15 a.m. | 7 hours, 25 minutes ago Description : The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient…

CVE ID : CVE-2025-36038 Published : June 25, 2025, 9:15 p.m. | 12 hours, 25 minutes ago Description : IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. Severity: 9.0 | CRITICAL Visit the link for more details, such…

CVE ID : CVE-2025-6627 Published : June 25, 2025, 7:15 p.m. | 14 hours, 25 minutes ago Description : A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer…

CVE ID : CVE-2025-6445 Published : June 25, 2025, 6:15 p.m. | 15 hours, 25 minutes ago Description : ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending…

CVE ID : CVE-2025-5830 Published : June 25, 2025, 6:15 p.m. | 15 hours, 25 minutes ago Description : Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to…

CVE ID : CVE-2025-5827 Published : June 25, 2025, 6:15 p.m. | 15 hours, 25 minutes ago Description : Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to…

CVE ID : CVE-2025-6617 Published : June 25, 2025, 5:15 p.m. | 16 hours, 25 minutes ago Description : A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated…

CVE ID : CVE-2025-6616 Published : June 25, 2025, 5:15 p.m. | 16 hours, 25 minutes ago Description : A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWAN_Wizard51 of the file /goform/formSetWAN_Wizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be…

CVE ID : CVE-2025-5015 Published : June 25, 2025, 5:15 p.m. | 16 hours, 25 minutes ago Description : A cross-site scripting vulnerability exists in the AccuWeather and Custom RSS widget that allows an unauthenticated user to replace the RSS feed URL with a malicious one. Severity: 8.8 | HIGH Visit the link for more details, such…