Latest CVE Feed
-
6.4
MEDIUMCVE-2025-8605
The Gutenify – Visual Site Builder Blocks & Site Templates. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 1.5.9 due to insufficient input sanitization and output e... Read more
Affected Products :- Published: Nov. 18, 2025
- Modified: Nov. 18, 2025
- Vuln Type: Cross-Site Scripting
-
8.1
HIGHCVE-2025-12528
The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the format_classic function. This is due to insufficient file type validation where the validate_classic method validates file e... Read more
Affected Products :- Published: Nov. 18, 2025
- Modified: Nov. 18, 2025
- Vuln Type: Misconfiguration
-
6.9
MEDIUMCVE-2025-64342
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address (AA) of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. I... Read more
Affected Products : esp-idf- Published: Nov. 17, 2025
- Modified: Nov. 18, 2025
- Vuln Type: Denial of Service
-
7.2
HIGHCVE-2025-11620
The Multiple Roles per User plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mrpu_add_multiple_roles_ui' and 'mrpu_save_multiple_user_roles' functions in all versions up to, and including, 1... Read more
Affected Products :- Published: Nov. 18, 2025
- Modified: Nov. 18, 2025
- Vuln Type: Authorization