VulDB Recent Entries

A vulnerability classified as critical was found in Discussion Board Plugin up to 2.5.5 on WordPress. This affects an unknown part of the component Shortcode Handler. The manipulation results in code injection. This vulnerability is identified as CVE-2025-8483. The attack can be executed remotely. There is not any exploit available.

A vulnerability classified as problematic has been found in BackWPup Plugin up to 5.5.0 on WordPress. Affected by this issue is the function backwpup_working. The manipulation leads to missing authorization. This vulnerability is referenced as CVE-2025-10579. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability described as problematic has been identified in Simple Registration for WooCommerce Plugin up to 1.5.8 on WordPress. Affected by this vulnerability is an unknown functionality of the file includes/display-role-admin.php. Executing manipulation can lead to cross-site request forgery. The identification of this vulnerability is CVE-2025-12095. The attack may be launched remotely. There is no exploit available.

A vulnerability marked as critical has been reported in Directorist Plugin up to 8.4.8 on WordPress. Affected is the function add_listing_action. Performing manipulation results in path traversal. This vulnerability was named CVE-2025-10488. The attack may be initiated remotely. There is no available exploit.

A vulnerability labeled as critical has been found in D-Link DIR600L 116WWb01. This impacts the function formSetWAN_Wizard52. Such manipulation of the argument curTime leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-60553. The attack can be launched remotely. No exploit exists.

A vulnerability identified as critical has been detected in D-Link DIR600L 116WWb01. This affects the function formSetWAN_Wizard7. This manipulation of the argument curTime causes buffer overflow. This vulnerability is handled as CVE-2025-60547. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in D-Link DIR600L 116WWb01. The impacted element is the function formSetWizardSelectMode. The manipulation of the argument curTime results in buffer overflow. This vulnerability is known as CVE-2025-60555. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in PerfreeBlog 4.0.11. It has been rated as problematic. The affected element is the function unInstallTheme. The manipulation leads to incomplete cleanup. This vulnerability is traded as CVE-2025-60730. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in PerfreeBlog 4.0.11. It has been declared as critical. Impacted is the function installPlugin. Executing manipulation can lead to unrestricted upload. This vulnerability appears as CVE-2025-60735. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in PerfreeBlog 4.0.11. It has been classified as critical. This issue affects the function installTheme. Performing manipulation results in unrestricted upload. This vulnerability is reported as CVE-2025-60731. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in PerfreeBlog 4.0.11 and classified as critical. This vulnerability affects the function validThemeFilePath. Such manipulation leads to path traversal. This vulnerability is documented as CVE-2025-60729. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in D-Link DIR600L 116WWb01. Affected by this issue is the function formVirtualServ. The manipulation of the argument curTime results in buffer overflow. This vulnerability is cataloged as CVE-2025-60558. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Azure Access BLU-IC2 and BLU-IC4 up to 1.19.5 and classified as very critical. This affects an unknown part. This manipulation causes inclusion of undocumented features or chicken bits. This vulnerability is registered as CVE-2025-12176. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability, which was classified as critical, has been found in D-Link DIR600L 116WWb01. Affected by this vulnerability is the function formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. This vulnerability is listed as CVE-2025-60557. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in D-Link DIR600L 116WWb0. Affected is the function formLanSetupRouterSettings. Executing manipulation of the argument curTime can lead to buffer overflow. This vulnerability is tracked as CVE-2025-60548. The attack can be launched remotely. No exploit exists.

A vulnerability classified as critical has been found in D-Link DIR600L 116WWb01. This impacts the function formSetWizard1. Performing manipulation of the argument curTime results in buffer overflow. This vulnerability is identified as CVE-2025-60556. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as critical has been identified in D-Link DIR600L 116WWb01. This affects the function formSetEnableWizard. Such manipulation of the argument curTime leads to buffer overflow. This vulnerability is referenced as CVE-2025-60554. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as critical has been reported in D-Link DIR600L 116WWb01. The impacted element is the function formTcpipSetup. This manipulation of the argument curTime causes buffer overflow. The identification of this vulnerability is CVE-2025-60552. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as critical has been found in D-Link DIR600L 116WWb01. The affected element is the function formDeviceReboot. The manipulation of the argument next_page results in buffer overflow. This vulnerability was named CVE-2025-60551. The attack may be performed from remote. There is no available exploit.

A vulnerability identified as critical has been detected in D-Link DIR600L 116WWb01. Impacted is the function formEasySetTimezone. The manipulation of the argument curTime leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-60550. The attack is possible to be carried out remotely. No exploit exists.