
CVE-2025-48267 – WP Pipes <= 1.4.2 - Unauthenticated Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2025-48267
30 May 2025 — The WP Pipes plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the delete_template() function in all versions up to, and including, 1.4.2. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted: removing wp-config.php, for example, drops the site back into the installation wizard, where an attacker can point it at a database they control and obtain an administrator account. • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2025-48330 – Real Time Validation for Gravity Forms <= 1.7.0 - Unauthenticated Local File Inclusion
https://notcve.org/view.php?id=CVE-2025-48330
30 May 2025 — This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •

CVE-2025-4857 – Newsletters <= 4.9.9.9 - Authenticated (Administrator+) Local File Inclusion
https://notcve.org/view.php?id=CVE-2025-4857
30 May 2025 — This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. • https://plugins.trac.wordpress.org/browser/newsletters-lite/trunk/wp-mailinglist.php#L1584 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
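The three WordPress entries above share one defect class: a template or file name taken from the request is joined to a plugin directory and then passed to unlink() or include without checking that the result still lies inside that directory. The following is an added example written for this page, not code from WP Pipes, Real Time Validation for Gravity Forms or Newsletters; the function names, the templates directory and the wp-config.php stand-in are assumptions. It shows the vulnerable pattern for both deletion and inclusion beside a hardened resolver that allowlists the name and then checks the canonical path (PHP 8).

```php
<?php
// Added example for this page: the CWE-22 pattern behind the three WordPress
// entries above (a template name from the request joined to a directory, then
// unlinked or included). Hypothetical code, not WP Pipes, Real Time Validation
// for Gravity Forms or Newsletters; the function names are assumed. Needs PHP 8.
declare(strict_types=1);

// Constructed sandbox under the temp dir so the demo touches nothing real.
$root = sys_get_temp_dir() . '/cwe22-demo';
define('TEMPLATE_DIR', $root . '/templates');

/* --- vulnerable pattern --------------------------------------------------- */

// No validation: "../wp-config.php" walks out of TEMPLATE_DIR. On a real site,
// deleting wp-config.php re-exposes the install wizard.
function delete_template_vulnerable(string $name): bool
{
    return @unlink(TEMPLATE_DIR . '/' . $name);
}

// Same defect in an include (CWE-98): traversal to an uploaded "image" that
// holds PHP turns a local file inclusion into code execution.
function load_template_vulnerable(string $name): void
{
    include TEMPLATE_DIR . '/' . $name;
}

/* --- hardened pattern ----------------------------------------------------- */

/**
 * Resolve $name to an existing regular file inside $base, or return null.
 * Two independent layers: a strict allowlist on the name, then a canonical-path
 * containment check (realpath() collapses "..", symlinks and double slashes).
 */
function resolve_within(string $base, string $name): ?string
{
    if (!preg_match('/\A[A-Za-z0-9_-]+\.php\z/', $name)) {
        return null;   // rejects "", "..", separators, null bytes, odd extensions
    }
    $baseReal = realpath($base);
    $target   = realpath($base . '/' . $name);
    if ($baseReal === false || $target === false || !is_file($target)) {
        return null;
    }
    if (!str_starts_with($target, $baseReal . DIRECTORY_SEPARATOR)) {
        return null;   // canonical target is outside the base directory
    }
    return $target;
}

function delete_template_safe(string $name): bool
{
    $path = resolve_within(TEMPLATE_DIR, $name);
    return $path !== null && unlink($path);
}

function load_template_safe(string $name): bool
{
    $path = resolve_within(TEMPLATE_DIR, $name);
    if ($path === null) {
        return false;
    }
    include $path;
    return true;
}

/* --- constructed demo ----------------------------------------------------- */

if (!is_dir(TEMPLATE_DIR)) {
    mkdir(TEMPLATE_DIR, 0700, true);
}
file_put_contents(TEMPLATE_DIR . '/newsletter.php', "<?php echo 'template loaded', PHP_EOL;");
$config = $root . '/wp-config.php';   // stand-in for the real configuration file
file_put_contents($config, "<?php // pretend wp-config\n");

var_dump(delete_template_safe('../wp-config.php'));  // resolve_within() rejects the name
var_dump(load_template_safe('newsletter.php'));      // legitimate template is included
var_dump(file_exists($config));                      // untouched so far

delete_template_vulnerable('../wp-config.php');      // unlinks $root/wp-config.php
var_dump(file_exists($config));

// Tidy the sandbox.
@unlink(TEMPLATE_DIR . '/newsletter.php');
@unlink($config);
@rmdir(TEMPLATE_DIR);
@rmdir($root);
```

The allowlist alone would already stop the traversal payloads in these advisories; the realpath() containment check is kept as a second layer because it also catches symlinks planted inside the templates directory and any future relaxation of the name rule. Both functions refuse anything that does not resolve to an existing regular file, so the hardened include never touches a path the attacker chose.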

CVE-2025-5307 – Santesoft Sante DICOM Viewer Pro Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2025-5307
29 May 2025 — A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-148-01 • CWE-125: Out-of-bounds Read •

CVE-2025-48471 – FreeScout Vulnerable to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2025-48471
29 May 2025 — This allows files to be uploaded with the phtml and phar extensions, which can lead to remote code execution if the Apache web server is used: the PHP handler configuration shipped with Apache on common distributions (Debian's <FilesMatch ".+\.ph(ar|p|tml)$"> rule, for example) executes .phtml and .phar files as PHP, not only .php. • https://github.com/freescout-help-desk/freescout/commit/e136660e8dbc220454b8d3f646dd1b144e49e9ed • CWE-434: Unrestricted Upload of File with Dangerous Type •
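The entry above is the classic failure of an extension denylist: it names .php and misses the other extensions the web server maps to the PHP engine. The following is an added example written for this page, not FreeScout's upload handler; the function names, the allowed extensions and the MIME table are assumptions. It puts a denylist beside an allowlist, regenerates the stored file name, and adds a content check with ext-fileinfo so a PHP script renamed to .pdf is caught too.

```php
<?php
// Added example for the FreeScout CWE-434 entry above: why a denylist of
// extensions fails and what an allowlist plus content check looks like.
// Hypothetical code written for this page, not FreeScout's upload handler.
declare(strict_types=1);

// Denylist: blocks ".php" but not the other extensions Apache's stock PHP
// handler executes. Debian/Ubuntu ship
//   <FilesMatch ".+\.ph(ar|p|tml)$"> SetHandler application/x-httpd-php
// so "shell.phtml" and "shell.phar" run as PHP under mod_php.
function upload_allowed_denylist(string $filename): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, ['php', 'php3', 'php5', 'php7'], true);
}

// Allowlist: only what the help desk actually needs, decided on the final
// extension (so "report.pdf.phtml" is judged by "phtml").
const ALLOWED_EXTENSIONS = ['png', 'jpg', 'jpeg', 'gif', 'pdf', 'txt'];

function upload_allowed_allowlist(string $filename): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_EXTENSIONS, true);
}

// Store under a server-generated name; the client-supplied name is never
// reused, only its validated extension.
function storage_name(string $originalName): ?string
{
    if (!upload_allowed_allowlist($originalName)) {
        return null;
    }
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Second gate: the bytes must match the claimed type (needs ext-fileinfo).
function content_matches_extension(string $path, string $ext): bool
{
    $expected = [
        'png' => 'image/png', 'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
        'gif' => 'image/gif', 'pdf' => 'application/pdf', 'txt' => 'text/plain',
    ];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path);
    return isset($expected[$ext]) && $mime === $expected[$ext];
}

/* --- constructed inputs --------------------------------------------------- */

foreach (['report.pdf', 'shell.php', 'shell.phtml', 'shell.phar', 'photo.PNG', 'report.pdf.phtml'] as $name) {
    printf("%-18s denylist:%-7s allowlist:%-7s stored as:%s\n", $name,
        upload_allowed_denylist($name) ? 'accept' : 'reject',
        upload_allowed_allowlist($name) ? 'accept' : 'reject',
        storage_name($name) ?? '-');
}

// A PHP script renamed to .pdf passes the name check and fails the content check.
$tmp = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($tmp, "<?php system(\$_GET['c']); ?>");
var_dump(content_matches_extension($tmp, 'pdf'));
unlink($tmp);
```

Independently of the filter, the upload directory should not be executable at all: under Apache that means a per-directory php_admin_flag engine off (mod_php) or a SetHandler that does not hand the files to PHP, so a filter bypass yields a download rather than code execution.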

CVE-2025-48390 – FreeScout Vulnerable to Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2025-48390
29 May 2025 — Prior to version 1.8.178, FreeScout is vulnerable to code injection due to insufficient validation of user input in the php_path parameter. ... Further in tools.php, the user can specify the path to this folder as php_path, which leads to the value being executed by PHP's backtick operator, that is, passed to the shell via shell_exec(). • https://github.com/freescout-help-desk/freescout/commit/fb33d672a2d67f5a2b3cf69c80945267f17908b2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
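In PHP, a string in backticks is shell_exec(), so a request value interpolated into it is a shell command injection. The following is an added example for this page, not FreeScout's tools.php; only the parameter name php_path comes from the advisory, and the allowlisted directories and function names are assumptions. It shows the raw interpolation beside a validator that requires an existing executable PHP binary in a known location and then quotes it with escapeshellarg() (PHP 8).

```php
<?php
// Added example for the FreeScout code-injection entry above: a request value
// reaching PHP's backtick operator, and a validated replacement. Hypothetical
// code for this page, not FreeScout's tools.php; only the parameter name
// php_path comes from the advisory. Needs PHP 8.
declare(strict_types=1);

// Vulnerable: backticks are shell_exec(), and the value is interpolated raw.
// A php_path of
//   /usr/bin/php; id > /tmp/pwned #
// runs "id" with the web server's privileges.
function php_version_vulnerable(string $php_path): string
{
    return (string) `$php_path -v 2>&1`;
}

/**
 * Hardened: the value must canonicalise to an existing executable regular
 * file, in an allowlisted directory, named like a PHP interpreter. Returns the
 * canonical path, or null when rejected.
 */
function validate_php_path(string $php_path): ?string
{
    if ($php_path === '' || str_contains($php_path, "\0")) {
        return null;
    }
    $real = realpath($php_path);
    if ($real === false || !is_file($real) || !is_executable($real)) {
        return null;   // "/usr/bin/php; id ..." is not a file, so it ends here
    }
    // Assumed allowlist of interpreter locations; adjust per deployment.
    $allowedDirs = ['/usr/bin', '/usr/local/bin', '/opt/php/bin'];
    if (!in_array(dirname($real), $allowedDirs, true)) {
        return null;
    }
    if (!preg_match('/\Aphp(\d+(\.\d+)?)?\z/', basename($real))) {
        return null;   // php, php8, php8.3 are fine; anything else is not
    }
    return $real;
}

function php_version_safe(string $php_path): ?string
{
    $bin = validate_php_path($php_path);
    if ($bin === null) {
        return null;
    }
    // escapeshellarg() makes the path a single quoted argv word; no
    // metacharacter inside it is interpreted by the shell.
    $out = shell_exec(escapeshellarg($bin) . ' -v 2>&1');
    return is_string($out) ? $out : null;
}

/* --- constructed inputs --------------------------------------------------- */

$payload = '/usr/bin/php; id > /tmp/pwned #';
var_dump(validate_php_path($payload));            // injection attempt rejected
var_dump(validate_php_path(PHP_BINARY));          // accepted only if PHP_BINARY sits in an allowlisted dir
echo php_version_safe(PHP_BINARY) ?? "rejected: " . PHP_BINARY . " is outside the allowlist\n";
```

Where the surrounding code allows it, the cleanest fix removes the shell altogether: proc_open() accepts an argv array (PHP 7.4 and later), so the binary path and its arguments never pass through a shell parser and escaping stops being a concern.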

CVE-2025-27151 – redis-check-aof may lead to stack overflow and potential RCE
https://notcve.org/view.php?id=CVE-2025-27151
29 May 2025 — This allows an attacker to overflow the stack and potentially achieve code execution. • https://github.com/redis/redis/security/advisories/GHSA-5453-q98w-cmvm • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •

CVE-2025-1051 – Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-1051
29 May 2025 — Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. ... An attacker can leverage this vulnerability to execute code in the context of the anacapa user. • https://www.zerodayinitiative.com/advisories/ZDI-25-311 • CWE-122: Heap-based Buffer Overflow •

CVE-2025-31052 – The Fashion - Model Agency One Page Beauty Theme <= 1.4.4 - Unauthenticated PHP Object Injection
https://notcve.org/view.php?id=CVE-2025-31052
29 May 2025 — If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions such as deleting arbitrary files, retrieving sensitive data, or executing code, depending on the POP chain present. • CWE-502: Deserialization of Untrusted Data •

CVE-2025-48336 – WordPress Course Builder < 3.6.6 - PHP Object Injection Vulnerability
https://notcve.org/view.php?id=CVE-2025-48336
29 May 2025 — If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions such as deleting arbitrary files, retrieving sensitive data, or executing code, depending on the POP chain present. • https://patchstack.com/database/wordpress/theme/course-builder/vulnerability/wordpress-course-builder-3-6-6-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •
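Both PHP Object Injection entries above (the Fashion theme and Course Builder) describe the same mechanism: unserialize() on attacker-controlled data instantiates whatever class the payload names, and a magic method on some already-loaded class (the POP chain) does the damage. The following is an added example written for this page; the gadget class, the cookie and the function names are assumptions, not code from either product. It shows a file-deleting gadget firing from the vulnerable call, then the two standard fixes: allowed_classes => false, and replacing PHP serialization with JSON (PHP 8).

```php
<?php
// Added example for the two PHP Object Injection entries above (the Fashion
// theme and Course Builder): how unserialize() on attacker data reaches a
// gadget's magic method, and two ways to close it. Hypothetical code written
// for this page; the gadget class and the cookie are assumptions, not code
// from either product. Needs PHP 8.
declare(strict_types=1);

// A gadget: any loaded class whose magic method does something useful to an
// attacker. Here __destruct() unlinks a path held in a property, the kind of
// POP (property-oriented programming) chain the advisories refer to. In a real
// site it comes from some other plugin or theme, not from the vulnerable one.
class TempFileCleaner
{
    public string $path = '';

    public function __destruct()
    {
        if ($this->path !== '' && is_file($this->path)) {
            unlink($this->path);
        }
    }
}

// Vulnerable: a cookie or POST field is unserialized as-is. PHP instantiates
// whatever class the payload names, e.g.
//   O:15:"TempFileCleaner":1:{s:4:"path";s:22:"/var/www/wp-config.php";}
// and the destructor runs with the attacker's path.
function read_prefs_vulnerable(string $cookie): mixed
{
    return @unserialize($cookie);
}

// Fix 1: keep unserialize() but forbid every class. Objects in the payload
// become __PHP_Incomplete_Class, which has no magic methods of its own.
function read_prefs_no_classes(string $cookie): mixed
{
    return @unserialize($cookie, ['allowed_classes' => false]);
}

// Fix 2 (preferred): don't use PHP serialization for untrusted input at all.
// JSON cannot name a class, so there is nothing to instantiate.
function read_prefs_json(string $cookie): ?array
{
    try {
        $data = json_decode($cookie, true, 8, JSON_THROW_ON_ERROR);
    } catch (JsonException) {
        return null;
    }
    return is_array($data) ? $data : null;
}

/* --- constructed demo ----------------------------------------------------- */

$victim = tempnam(sys_get_temp_dir(), 'poi');   // stands in for wp-config.php
$gadget = new TempFileCleaner();
$gadget->path = $victim;
$payload = serialize($gadget);
$gadget->path = '';            // disarm our own copy so only the payload matters
echo $payload, PHP_EOL;

$obj = read_prefs_no_classes($payload);
var_dump(get_class($obj));     // __PHP_Incomplete_Class: nothing was instantiated
unset($obj);
var_dump(file_exists($victim));

var_dump(read_prefs_json($payload));   // serialized PHP is not JSON, so null

$obj = read_prefs_vulnerable($payload);
unset($obj);                   // the gadget's destructor fires here
var_dump(file_exists($victim));
```

The point of the demo is that the vulnerable plugin never references TempFileCleaner; the attacker only needs the class to be loadable somewhere in the WordPress process, which is why these advisories rate the impact on whatever other plugins and themes are installed. If a codebase truly needs PHP-serialized objects from the client, allowed_classes should list the exact classes expected rather than be left at its default of true.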