Reddit NetSec

AlienVault OTX General

CVE Database V5

Reddit InfoSec News

Exploit-DB RSS Feed

ThreatFox MISP Feed

CIRCL OSINT Feed

AlienVault OTX Vulnerabilities

AlienVault OTX Malware

The Hydra Booking plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the tfhb_reset_password_callback() function in versions 1.1.0 to 1.1.18. This makes it possible for authenticated attackers, with Subscriber-level access and above, to reset the password of an Administrator user, achieving full privilege escalation.

CVE-2025-7689 is a high-severity vulnerability affecting the Hydra Booking plugin for WordPress, specifically versions 1.1.0 through 1.1.18. The vulnerability arises from a missing authorization check in the tfhb_reset_password_callback() function, which handles password reset operations. This flaw allows any authenticated user with at least Subscriber-level privileges to reset the password of an Administrator account without proper permission verification. Consequently, an attacker can escalate their privileges from a low-level user to full administrative control over the WordPress site. The vulnerability is classified under CWE-862 (Missing Authorization), indicating that the application fails to enforce access control on a sensitive operation. The CVSS v3.1 score is 8.8, reflecting a high impact on confidentiality, integrity, and availability, with network attack vector, low attack complexity, and no user interaction required. Exploitation would allow complete takeover of the affected WordPress site, enabling attackers to manipulate content, install malicious plugins, steal sensitive data, or disrupt services. No known public exploits have been reported yet, but the vulnerability's nature and ease of exploitation make it a critical risk for sites using this plugin. The lack of a patch link suggests that a fix may not yet be publicly available, emphasizing the urgency for site administrators to apply updates once released or implement temporary mitigations.

Detailed information about CVE-2025-7689: CWE-862 Missing Authorization in themefic Hydra Booking – All in One Appointment Booking System | Appointment Scheduli

CVE-2025-7689: CWE-862 Missing Authorization in themefic Hydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce Bookings - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7689: CWE-862 Missing Authorization in themefic Hydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce Bookings

The YouTube Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘instance’ parameter in all versions up to, and including, 10.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-6692 is a medium-severity stored Cross-Site Scripting (XSS) vulnerability affecting the 'YouTube Embed – YouTube Gallery, Vimeo Gallery' WordPress plugin developed by hanucodes. This vulnerability arises from improper neutralization of input during web page generation (CWE-79). Specifically, the plugin fails to adequately sanitize and escape the 'instance' parameter, which is used in embedding YouTube or Vimeo galleries on WordPress sites. As a result, authenticated users with Contributor-level privileges or higher can inject arbitrary malicious JavaScript code into pages. Because the vulnerability is stored, the injected scripts persist in the website’s content and execute whenever any user accesses the compromised page. The CVSS v3.1 base score is 6.4, reflecting a medium severity with network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), and a scope change (S:C) indicating that the vulnerability affects resources beyond the initially vulnerable component. The impact includes limited confidentiality and integrity loss but no availability impact. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability affects all versions up to and including 10.3 of the plugin. This issue is significant because WordPress is widely used across many organizations, and plugins like this are common for embedding multimedia content, making it a potential vector for persistent XSS attacks that can lead to session hijacking, defacement, or further exploitation of user browsers.

Detailed information about CVE-2025-6692: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in hanucodes YouTube Embed

CVE-2025-6692: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in hanucodes YouTube Embed – YouTube Gallery, Vimeo Gallery – WordPress Plugin - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-6692: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in hanucodes YouTube Embed – YouTube Gallery, Vimeo Gallery – WordPress Plugin

The Fan Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2025-6681 is a stored Cross-Site Scripting (XSS) vulnerability affecting the Fan Page plugin for WordPress developed by delower186. This vulnerability exists in all versions up to and including 1.0.1 due to improper neutralization of input during web page generation, specifically involving the 'width' parameter. The root cause is insufficient input sanitization and output escaping, which allows an authenticated attacker with Contributor-level privileges or higher to inject arbitrary malicious scripts into pages. These scripts are stored persistently and execute whenever any user accesses the compromised page, potentially leading to session hijacking, privilege escalation, or other malicious activities. The vulnerability has a CVSS v3.1 base score of 6.4, indicating a medium severity level. The attack vector is network-based with low attack complexity and requires privileges equivalent to a Contributor role, but no user interaction is needed for exploitation. The scope is changed, meaning the vulnerability can affect resources beyond the vulnerable component, and the impact affects confidentiality and integrity but not availability. No known exploits are currently reported in the wild, and no official patches have been released yet. The vulnerability was publicly disclosed on July 29, 2025.

Detailed information about CVE-2025-6681: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in delower186 Fan Page aff

CVE-2025-6681: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in delower186 Fan Page - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-6681: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in delower186 Fan Page

The Elementor Website Builder – More Than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-text DOM element attribute in Text Path widget in all versions up to, and including, 3.30.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This attack affects only Chrome/Edge browsers

CVE-2025-4566 is a stored Cross-Site Scripting (XSS) vulnerability identified in the Elementor Website Builder – More Than Just a Page Builder plugin for WordPress, affecting all versions up to and including 3.30.2. The vulnerability arises from improper neutralization of input during web page generation, specifically within the Text Path widget's data-text DOM element attribute. Due to insufficient input sanitization and output escaping, authenticated users with Contributor-level access or higher can inject arbitrary JavaScript code into pages. This malicious script executes whenever any user accesses the compromised page, but the attack vector is limited to Chrome and Edge browsers. The vulnerability is classified under CWE-79 and has a CVSS 3.1 base score of 6.4, indicating a medium severity level. The attack requires low attack complexity, no user interaction, and privileges equivalent to Contributor role or above, with a scope change as the vulnerability affects other components beyond the initially compromised element. Although no known exploits are currently reported in the wild, the stored nature of the XSS makes it particularly dangerous as the injected script persists and can affect multiple users over time. The vulnerability impacts confidentiality and integrity by enabling script injection that could steal session tokens, perform actions on behalf of users, or manipulate page content. Availability impact is not significant. The lack of a patch link suggests that a fix may not yet be publicly available, emphasizing the need for immediate mitigation steps.

Detailed information about CVE-2025-4566: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in elemntor Elementor Webs

CVE-2025-4566: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in elemntor Elementor Website Builder – More Than Just a Page Builder - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-4566: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in elemntor Elementor Website Builder – More Than Just a Page Builder

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Via port 7777 without any need to pair or press a physical button, a remote attacker can disable recording, delete recordings, or even disable battery protection to cause a flat battery to essentially disable the car from being used. During the process of changing these settings, there are no indications or sounds on the dashcam to alert the dashcam owner that someone else is making those changes.

CVE-2025-30126 is a security vulnerability identified in Marbella KR8s Dashcam FF version 2.0.8 devices. The vulnerability allows a remote attacker to connect to the dashcam via port 7777 without any authentication, pairing, or physical interaction such as pressing a button on the device. Exploiting this flaw, an attacker can perform several malicious actions including disabling the dashcam's recording functionality, deleting existing recordings, and disabling the battery protection mechanism. The battery protection feature is designed to prevent the car battery from draining completely; disabling it can cause the battery to become flat, effectively immobilizing the vehicle. Notably, these changes occur silently without any audible or visible indication on the dashcam, leaving the owner unaware of the compromise. This vulnerability arises from inadequate access controls and lack of authentication on the network interface exposed by the dashcam. Since the dashcam is connected to the vehicle and controls critical features related to recording and battery management, the attack surface extends beyond privacy concerns to potential vehicle usability and safety issues. The vulnerability does not require user interaction or physical proximity beyond network access to port 7777, which may be exposed on local networks or possibly via remote access if the device is connected to the internet or a compromised network. There is no CVSS score assigned yet, and no known exploits in the wild have been reported as of the publication date. No patches or mitigations have been officially released at this time.

Detailed information about CVE-2025-30126: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-30126: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-30126: n/a

Windows Storage Elevation of Privilege Vulnerability

CVE-2025-21391 is a high-severity elevation of privilege vulnerability affecting Microsoft Windows 10 Version 1809 (build 10.0.17763.0). The vulnerability is categorized under CWE-59, which refers to Improper Link Resolution Before File Access, commonly known as 'Link Following'. This flaw occurs when the Windows Storage component improperly resolves symbolic links or junction points before accessing files, allowing an attacker with limited privileges to manipulate file system links to escalate their privileges. Specifically, an attacker with low-level privileges (local access with limited rights) can exploit this vulnerability to gain higher integrity level permissions, potentially achieving full administrative control over the affected system. The CVSS 3.1 base score is 7.1, indicating a high severity, with the vector string AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:F/RL:O/RC:C. This means the attack requires local access, low attack complexity, and low privileges, but no user interaction. The impact affects integrity and availability, allowing unauthorized modification or disruption of system files or processes. No known exploits are currently reported in the wild, and no official patches or mitigation links have been published yet. The vulnerability was reserved in December 2024 and published in February 2025, indicating recent discovery and disclosure. Given the nature of the flaw, it primarily targets the Windows Storage subsystem's handling of symbolic links, which can be leveraged to bypass security controls and elevate privileges on vulnerable Windows 10 1809 systems.

Detailed information about CVE-2025-21391: CWE-59: Improper Link Resolution Before File Access ('Link Following') in Microsoft Windows 10 Version 1809 affecting

CVE-2025-21391: CWE-59: Improper Link Resolution Before File Access ('Link Following') in Microsoft Windows 10 Version 1809 - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-21391: CWE-59: Improper Link Resolution Before File Access ('Link Following') in Microsoft Windows 10 Version 1809

Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device

CVE-2025-1316 is a critical security vulnerability affecting all versions of the Edimax IC-7100 IP Camera. The vulnerability is classified under CWE-78, which corresponds to improper neutralization of special elements used in an OS command, commonly known as OS Command Injection. This flaw arises because the device does not properly sanitize or neutralize input received in certain requests, allowing an attacker to craft malicious requests that can execute arbitrary operating system commands remotely on the device without any authentication or user interaction. The CVSS 4.0 base score of 9.3 reflects the high severity of this vulnerability, with an attack vector that is network-based (AV:N), requiring no privileges (PR:N), no user interaction (UI:N), and no scope change (S:U). The impact on confidentiality, integrity, and availability is high (VC:H, VI:H, VA:H), meaning an attacker can fully compromise the device, potentially gaining control over the camera, intercepting or manipulating video streams, or using the device as a foothold for further network intrusion. The vulnerability is present in all versions of the IC-7100 model, indicating a systemic issue in the device’s input validation mechanisms. Although no public exploits have been reported yet, the ease of exploitation and critical impact make this a significant threat. The lack of available patches at the time of publication further increases the urgency for mitigation.

Detailed information about CVE-2025-1316: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Edimax IC-7100 IP

CVE-2025-1316: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Edimax IC-7100 IP Camera - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-1316: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Edimax IC-7100 IP Camera

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online Course Registration v3.1 allows attackers to execute a session hijacking attack.

CVE-2025-50485 is a vulnerability identified in the PHPGurukul Online Course Registration system version 3.1, specifically within the /crm/change-password.php component. The issue stems from improper session invalidation after a password change operation. When a user changes their password, the application fails to properly invalidate or regenerate the session identifier associated with the user's session. This flaw allows an attacker who has obtained or intercepted a valid session token prior to the password change to continue using that session token to impersonate the legitimate user, effectively executing a session hijacking attack. Session hijacking can lead to unauthorized access to user accounts, exposing sensitive personal information, course registration data, and potentially administrative functions depending on the user's privileges. The vulnerability does not require user interaction beyond the password change process and does not currently have any known exploits in the wild. However, the absence of a patch or mitigation guidance in the provided data suggests that the vulnerability remains unaddressed in the affected version. The lack of a CVSS score indicates that the severity has not been formally assessed, but the nature of session hijacking vulnerabilities typically poses a significant risk to confidentiality and integrity of user sessions. The vulnerability is particularly critical in web applications handling sensitive user data and authentication workflows, such as educational platforms that manage personal and academic information.

Detailed information about CVE-2025-50485: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-50485: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-50485: n/a

An authenticated remote code execution vulnerability in PowerStick Wave Dual-Band Wifi Extender V1.0 allows an attacker with valid credentials to execute arbitrary commands with root privileges. The issue stems from insufficient sanitization of user-supplied input in the /cgi-bin/cgi_vista.cgi executable, which is passed to a system-level function call.

CVE-2025-29534 is a high-severity authenticated remote code execution (RCE) vulnerability affecting the PowerStick Wave Dual-Band Wifi Extender V1.0. The vulnerability arises from insufficient sanitization of user-supplied input processed by the /cgi-bin/cgi_vista.cgi executable. Specifically, this CGI script passes input directly to a system-level function call without proper validation or escaping, enabling an attacker with valid credentials to execute arbitrary commands with root privileges on the device. This vulnerability is categorized under CWE-78 (Improper Neutralization of Special Elements used in an OS Command), indicating that command injection is the root cause. The CVSS v3.1 base score is 8.8, reflecting a high-impact flaw with network attack vector (AV:N), low attack complexity (AC:L), requiring privileges (PR:L) but no user interaction (UI:N). The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). Although no known exploits are reported in the wild yet, the vulnerability's nature and ease of exploitation by authenticated users make it a significant threat. The lack of available patches at the time of publication increases the urgency for mitigation. The vulnerability affects the device's firmware or software handling the CGI interface, which is commonly used for device management and configuration, making it a critical entry point for attackers to gain full control over the device and potentially pivot into connected networks.

Detailed information about CVE-2025-29534: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-29534: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-29534: n/a

Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack.

CVE-2025-50487 is a security vulnerability identified in the PHPGurukul Blood Bank & Donor Management System version 2.4, specifically within the /bbdms/change-password.php component. The vulnerability arises from improper session invalidation, which means that when a user changes their password, the system fails to correctly terminate or invalidate the existing session tokens associated with that user. This flaw enables an attacker to hijack an active session, potentially gaining unauthorized access to the victim's account without needing to re-authenticate. Session hijacking exploits weaknesses in session management, allowing attackers to impersonate legitimate users and perform actions on their behalf. Since this vulnerability is located in a critical function related to user authentication and account management, it poses a significant risk to the confidentiality and integrity of user data. The absence of a CVSS score indicates that the vulnerability is newly published and has not yet been fully assessed or exploited in the wild. However, the technical nature of improper session invalidation is well-understood and commonly exploited in web applications, making this a serious concern. The vulnerability does not specify affected versions beyond v2.4, and no patches or known exploits are currently documented. The system in question is a specialized healthcare management platform, which likely handles sensitive personal and medical data, increasing the stakes of any unauthorized access.

Detailed information about CVE-2025-50487: n/a. Get real-time updates, technical details, and mitigation strategies.

Title	Severity	Type	Source	Date

Threats Affecting Austria

Filter Threats

Threats Affecting Austria

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility