Skip to content

Commit 59712ae

Browse files
advisory-database[bot]advisory-database[bot]
committed
Advisory Database Sync
1 parent 46249e2 commit 59712ae

File tree

76 files changed

+3525
-0
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

76 files changed

+3525
-0
lines changed

advisories/unreviewed/2025/12/GHSA-25xg-m67p-ppc3/GHSA-25xg-m67p-ppc3.json

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-25xg-m67p-ppc3",
4+
"modified": "2025-12-12T06:31:14Z",
5+
"published": "2025-12-12T06:31:14Z",
6+
"aliases": [
7+
"CVE-2025-14354"
8+
],
9+
"details": "The Resource Library for Logged In Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce validation on multiple administrative functions. This makes it possible for unauthenticated attackers to perform various unauthorized actions including creating, editing, and deleting resources and categories via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14354"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/doubledome-resource-link-library/tags/1.4/includes/class-ddrll.php#L168"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/doubledome-resource-link-library/tags/1.4/includes/class-ddrll.php#L406"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/doubledome-resource-link-library/tags/1.4/includes/class-ddrll.php#L530"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/doubledome-resource-link-library/trunk/includes/class-ddrll.php#L168"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/doubledome-resource-link-library/trunk/includes/class-ddrll.php#L406"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/browser/doubledome-resource-link-library/trunk/includes/class-ddrll.php#L530"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/71b82f1e-14ae-4eb3-9b46-5fcea1cd5a32?source=cve"
49+
}
50+
],
51+
"database_specific": {
52+
"cwe_ids": [
53+
"CWE-352"
54+
],
55+
"severity": "MODERATE",
56+
"github_reviewed": false,
57+
"github_reviewed_at": null,
58+
"nvd_published_at": "2025-12-12T04:15:49Z"
59+
}
60+
}

advisories/unreviewed/2025/12/GHSA-2729-w29v-p8pm/GHSA-2729-w29v-p8pm.json

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2729-w29v-p8pm",
4+
"modified": "2025-12-12T06:31:12Z",
5+
"published": "2025-12-12T06:31:12Z",
6+
"aliases": [
7+
"CVE-2025-12963"
8+
],
9+
"details": "The LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.2.29. This is due to the plugin not properly validating a user's identity via the 'wp-json/lazytasks/api/v1/user/role/edit/' REST API endpoint prior to updating their details like email address. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. It is also possible for attackers to abuse this endpoint to grant users with access to additional roles within the plugin",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12963"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://wordpress.org/plugins/lazytasks-project-task-management"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c6998185-0f9b-48ab-9dca-05adf5ae603a?source=cve"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-862"
34+
],
35+
"severity": "CRITICAL",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2025-12-12T04:15:40Z"
39+
}
40+
}

advisories/unreviewed/2025/12/GHSA-2qrr-mpjx-3hvh/GHSA-2qrr-mpjx-3hvh.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2qrr-mpjx-3hvh",
4+
"modified": "2025-12-12T06:31:13Z",
5+
"published": "2025-12-12T06:31:13Z",
6+
"aliases": [
7+
"CVE-2025-13971"
8+
],
9+
"details": "The TWW Protein Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Header' setting in all versions up to, and including, 1.0.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13971"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/twwc-protein/tags/1.0.24/templates/protein-calculator-compact.php#L19"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/twwc-protein/tags/1.0.24/templates/protein-calculator-large.php#L32"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/twwc-protein/trunk/templates/protein-calculator-compact.php#L19"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/twwc-protein/trunk/templates/protein-calculator-large.php#L32"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b57749db-0a47-44f8-8607-d0d962c5ced2?source=cve"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-79"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-12-12T04:15:45Z"
51+
}
52+
}

advisories/unreviewed/2025/12/GHSA-39hq-6vr8-7q37/GHSA-39hq-6vr8-7q37.json

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-39hq-6vr8-7q37",
4+
"modified": "2025-12-12T06:31:14Z",
5+
"published": "2025-12-12T06:31:14Z",
6+
"aliases": [
7+
"CVE-2025-62192"
8+
],
9+
"details": "SQL Injection vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If exploited, information stored in the database may be obtained or altered by an authenticated user.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62192"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://groupsession.jp/info/info-news/security20251208"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://jvn.jp/en/jp/JVN19940619"
33+
}
34+
],
35+
"database_specific": {
36+
"cwe_ids": [
37+
"CWE-89"
38+
],
39+
"severity": "MODERATE",
40+
"github_reviewed": false,
41+
"github_reviewed_at": null,
42+
"nvd_published_at": "2025-12-12T05:16:10Z"
43+
}
44+
}

advisories/unreviewed/2025/12/GHSA-3h64-fx5v-2f3q/GHSA-3h64-fx5v-2f3q.json

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3h64-fx5v-2f3q",
4+
"modified": "2025-12-12T06:31:12Z",
5+
"published": "2025-12-12T06:31:12Z",
6+
"aliases": [
7+
"CVE-2025-13320"
8+
],
9+
"details": "The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filter_input() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server via the 'current_user_avatar' parameter in a two-stage attack which can make remote code execution possible. This only affects sites with the custom avatar setting enabled.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13320"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/wp-user-manager/tags/2.9.12/includes/forms/trait-wpum-account.php#L70"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/wp-user-manager/tags/2.9.12/includes/forms/trait-wpum-account.php#L75"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/wp-user-manager/tags/2.9.12/includes/forms/trait-wpum-account.php#L86"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/wp-user-manager/trunk/includes/forms/trait-wpum-account.php#L70"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/wp-user-manager/trunk/includes/forms/trait-wpum-account.php#L75"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/browser/wp-user-manager/trunk/includes/forms/trait-wpum-account.php#L86"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9d8304bf-bec2-4fcf-9fe2-46b626b3dae9?source=cve"
49+
}
50+
],
51+
"database_specific": {
52+
"cwe_ids": [
53+
"CWE-73"
54+
],
55+
"severity": "MODERATE",
56+
"github_reviewed": false,
57+
"github_reviewed_at": null,
58+
"nvd_published_at": "2025-12-12T04:15:41Z"
59+
}
60+
}

advisories/unreviewed/2025/12/GHSA-42x8-gmmp-cq4q/GHSA-42x8-gmmp-cq4q.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-42x8-gmmp-cq4q",
4+
"modified": "2025-12-12T06:31:13Z",
5+
"published": "2025-12-12T06:31:13Z",
6+
"aliases": [
7+
"CVE-2025-13966"
8+
],
9+
"details": "The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttom_image' parameter of the [paypal-shortcode] shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13966"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/paypal-payments-shortcode/tags/1.01/sls-paypal-payments-shortcode.php#L10"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/paypal-payments-shortcode/tags/1.01/sls-paypal-payments-shortcode.php#L55"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/paypal-payments-shortcode/trunk/sls-paypal-payments-shortcode.php#L10"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/paypal-payments-shortcode/trunk/sls-paypal-payments-shortcode.php#L55"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b0b1fbb1-fc2c-4eb9-89c6-364ca8c385db?source=cve"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-79"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-12-12T04:15:44Z"
51+
}
52+
}

advisories/unreviewed/2025/12/GHSA-4386-jf7c-fmx9/GHSA-4386-jf7c-fmx9.json

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4386-jf7c-fmx9",
4+
"modified": "2025-12-12T06:31:13Z",
5+
"published": "2025-12-12T06:31:13Z",
6+
"aliases": [
7+
"CVE-2025-14048"
8+
],
9+
"details": "The SimplyConvert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'simplyconvert_hash' option in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14048"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/simplyconvert/tags/1.0/simplyconvert.php#L137"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/simplyconvert/trunk/simplyconvert.php#L137"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d720466-e470-46a3-8129-3e58e1928f0d?source=cve"
33+
}
34+
],
35+
"database_specific": {
36+
"cwe_ids": [
37+
"CWE-79"
38+
],
39+
"severity": "MODERATE",
40+
"github_reviewed": false,
41+
"github_reviewed_at": null,
42+
"nvd_published_at": "2025-12-12T04:15:46Z"
43+
}
44+
}

0 commit comments

Comments
 (0)