CVE Alert: CVE-2025-10051 – themeinwp – Demo Import Kit
CVE-2025-10051 HIGHNo exploitation known The Demo Import Kit plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Vulnerabilities
CVE Alert: CVE-2025-10299 – hakik – WPBifröst – Instant Passwordless Temporary Login Links
CVE-2025-10299 HIGHNo exploitation known The WPBifröst – Instant Passwordless Temporary Login Links plugin for WordPress is vulnerable to Privilege Escalation...
CVE Alert: CVE-2025-10293 – nexist – Keyy Two Factor Authentication (like Clef)
CVE-2025-10293 HIGHNo exploitation known The Keyy Two Factor Authentication (like Clef) plugin for WordPress is vulnerable to privilege escalation via...
CVE Alert: CVE-2025-10313 – jankimoradiya – Find And Replace content for WordPress
CVE-2025-10313 HIGHNo exploitation known The Find And Replace content for WordPress plugin for WordPress is vulnerable to unauthorized Stored Cross-Site...
CVE Alert: CVE-2025-11501 – markomaksym – Dynamically Display Posts
CVE-2025-11501 HIGHNo exploitation known The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the 'tax_query' parameter...
CVE Alert: CVE-2025-54279 – Adobe – Animate
CVE-2025-54279 HIGHNo exploitation known Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could...
CVE Alert: CVE-2025-6042 – pebas – Lisfinity Core – Lisfinity Core plugin used for pebas® Lisfinity WordPress theme
CVE-2025-6042 HIGHNo exploitation known The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress...
CVE Alert: CVE-2025-11746 – 8theme – XStore
CVE-2025-11746 HIGHNo exploitation known The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to,...
CVE Alert: CVE-2025-61804 – Adobe – Animate
CVE-2025-61804 HIGHNo exploitation known Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could...
CVE Alert: CVE-2025-54268 – Adobe – Bridge
CVE-2025-54268 HIGHNo exploitation known Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could...
CVE Alert: CVE-2025-54253 – Adobe – Adobe Experience Manager
CVE-2025-54253 CRITICALExploitation active Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in...
CVE Alert: CVE-2025-55335 – Microsoft – Windows 10 Version 1809
CVE-2025-55335 HIGHNo exploitation known Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally. CVSS v3.1...
CVE Alert: CVE-2025-55328 – Microsoft – Windows 11 Version 25H2
CVE-2025-55328 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized...
CVE Alert: CVE-2025-55331 – Microsoft – Windows 11 Version 25H2
CVE-2025-55331 HIGHNo exploitation known Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally. CVSS v3.1...
CVE Alert: CVE-2025-55339 – Microsoft – Windows 11 Version 25H2
CVE-2025-55339 HIGHNo exploitation known Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally. CVSS v3.1 (7.8)...
CVE Alert: CVE-2025-53782 – Microsoft – Microsoft Exchange Server 2019 Cumulative Update 15
CVE-2025-53782 HIGHNo exploitation known Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges...
CVE Alert: CVE-2025-53768 – Microsoft – Windows 10 Version 1809
CVE-2025-53768 HIGHNo exploitation known Use after free in Xbox allows an authorized attacker to elevate privileges locally. CVSS v3.1 (7.8)...
CVE Alert: CVE-2025-55240 – Microsoft – Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8)
CVE-2025-55240 HIGHNo exploitation known Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. CVSS v3.1...
CVE Alert: CVE-2025-55247 – Microsoft – .NET 8.0
CVE-2025-55247 HIGHNo exploitation known Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate...
CVE Alert: CVE-2025-55326 – Microsoft – Windows 10 Version 1809
CVE-2025-55326 HIGHNo exploitation known Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code...
CVE Alert: CVE-2025-53717 – Microsoft – Windows 11 Version 25H2
CVE-2025-53717 HIGHNo exploitation known Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an...
CVE Alert: CVE-2025-53150 – Microsoft – Windows 11 Version 25H2
CVE-2025-53150 HIGHNo exploitation known Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-53139 – Microsoft – Windows 11 Version 25H2
CVE-2025-53139 HIGHNo exploitation known Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security...
CVE Alert: CVE-2025-50174 – Microsoft – Windows 11 Version 25H2
CVE-2025-50174 HIGHNo exploitation known Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges...
