Stored Cross-site Scripting (XSS) vulnerability in api.apps.dialog_app.set_dialog in RAGFlow 0.17.2 allows remote attackers to execute arbitrary JavaScript via crafted input to the assistant greeting field, which is stored unsanitised and rendered using a markdown component with rehype-raw.

CVE Database V5

Detailed information about CVE-2025-51462: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-51462: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-51462: n/a

The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Order Details in all versions up to, and including, 5.8012 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE-2025-7486 is a stored Cross-Site Scripting (XSS) vulnerability identified in the motovnet Ebook Store plugin for WordPress, affecting all versions up to and including 5.8012. The vulnerability arises from improper neutralization of input during web page generation, specifically due to insufficient input sanitization and output escaping in the Order Details feature. This flaw allows authenticated attackers with administrator-level privileges to inject arbitrary malicious scripts into pages. These scripts execute whenever any user accesses the compromised page, potentially leading to session hijacking, privilege escalation, or other malicious activities. Notably, this vulnerability only manifests in WordPress multi-site installations or in environments where the 'unfiltered_html' capability is disabled, limiting the scope of exploitation. The CVSS v3.1 base score is 4.4 (medium severity), reflecting that exploitation requires high privileges (administrator) and network access, with no user interaction needed. The vulnerability impacts confidentiality and integrity but does not affect availability. No known exploits are currently reported in the wild, and no official patches have been released yet.

Detailed information about CVE-2025-7486: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motovnet Ebook Store af

CVE-2025-7486: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motovnet Ebook Store - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7486: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motovnet Ebook Store

CISA and FBI warn of escalating Interlock ransomware attacks

Source: https://www.bleepingcomputer.com/news/security/cisa-and-fbi-warn-of-escalating-interlock-ransomware-attacks/

The Interlock ransomware group has been identified by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) as escalating their ransomware attacks. Interlock ransomware is a type of malicious software designed to encrypt victims' data, rendering it inaccessible until a ransom is paid, typically in cryptocurrency. While specific technical details about the ransomware's infection vectors, encryption methods, or exploitation techniques are not provided in the available information, the warning from CISA and FBI indicates a significant increase in attack frequency or sophistication. Historically, ransomware groups like Interlock employ a combination of phishing emails, exploitation of unpatched vulnerabilities, and brute-force attacks on remote access services to gain initial access. Once inside a network, they often move laterally to maximize impact, encrypting critical systems and demanding ransom payments to restore data access. The lack of known exploits in the wild suggests that the ransomware may rely on social engineering or existing vulnerabilities rather than zero-day exploits. The threat is classified as high severity, reflecting the potential for substantial disruption, data loss, and financial impact. The source of this warning is a trusted cybersecurity news outlet, BleepingComputer, and the information was disseminated via Reddit's InfoSecNews community, indicating rapid sharing within the security community despite minimal discussion at the time of reporting.

Reddit InfoSec News

Detailed information about CISA and FBI warn of escalating Interlock ransomware attacks. Get real-time updates, technical details, and mitigation strategies.

CISA and FBI warn of escalating Interlock ransomware attacks - Live Threat Intelligence - Threat Radar | OffSeq.com

CISA and FBI warn of escalating Interlock ransomware attacks

Reddit Discussion: CISA and FBI warn of escalating Interlock ransomware attacks

Coyote malware abuses Windows accessibility framework for data theft

Source: https://www.bleepingcomputer.com/news/security/coyote-malware-abuses-windows-accessibility-framework-for-data-theft/

The Coyote malware represents a sophisticated threat that leverages the Windows accessibility framework to conduct data theft operations. This malware abuses legitimate Windows accessibility features, which are designed to assist users with disabilities, to bypass traditional security controls and gain unauthorized access to sensitive information. By exploiting these accessibility APIs, Coyote can interact with system components and applications at a high privilege level, enabling it to capture keystrokes, extract credentials, and siphon confidential data without triggering conventional security alerts. The malware's use of the accessibility framework is particularly insidious because these features are often trusted and whitelisted by endpoint protection systems, allowing Coyote to operate stealthily. Although there are no specific affected Windows versions listed, the reliance on the accessibility framework suggests that any Windows environment with these features enabled could be vulnerable. The lack of known exploits in the wild indicates that this malware might be in early stages of discovery or limited deployment, but its high severity rating underscores the potential risk it poses. The technical details sourced from a trusted cybersecurity news outlet confirm the malware's focus on data theft, emphasizing the critical need for awareness and defensive measures against this emerging threat.

Detailed information about Coyote malware abuses Windows accessibility framework for data theft. Get real-time updates, technical details, and mitigation strate

Coyote malware abuses Windows accessibility framework for data theft - Live Threat Intelligence - Threat Radar | OffSeq.com

Coyote malware abuses Windows accessibility framework for data theft

Reddit Discussion: Coyote malware abuses Windows accessibility framework for data theft

Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval() without validation during template loading or updates.

Detailed information about CVE-2025-51472: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-51472: n/a

CVE-2025-51472: n/a

Description

Technical Details

Related Threats

CVE-2025-51462: n/a

CVE-2025-7486: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in motovnet Ebook Store

CVE-2025-51475: n/a

CVE-2025-51458: n/a

CVE-2025-31513: n/a

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility