Jose Alexis Correa Valencia, Author at AlterPlex

7 Mar 2025

CVE-2025-1475

Título es
CVE-2025-1475

Vie, 07/03/2025 – 07:15

Tipo
CWE-287

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-1475

Descripción en
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. This is due to insufficient verification on the 'user_phone' parameter when logging in. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if SMS login is enabled.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
9.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
CRITICAL

Referencias

https://plugins.trac.wordpress.org/browser/wpcom-member/tags/1.7.1/includes/form-validation.php#L110

https://plugins.trac.wordpress.org/changeset/3248208/

https://www.wordfence.com/threat-intel/vulnerabilities/id/05178bf3-3040-41aa-ba43-779376d30298?source=cve

Enviar en el boletín
Off

7 Mar 2025

CVE-2024-13655

Título es
CVE-2024-13655

Vie, 07/03/2025 – 07:15

Tipo
CWE-862

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-13655

Descripción en
The Flex Mag – Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a missing capability check on the propanel_of_ajax_callback() function in all versions up to, and including, 3.5.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary option values on the WordPress site. This can be leveraged to delete an option that would create an error on the site and deny service to legitimate users.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
8.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://themeforest.net/item/flex-mag-responsive-wordpress-news-theme/12772303

https://www.wordfence.com/threat-intel/vulnerabilities/id/23f53ff1-f0bc-4ad3-9b9e-cf365f064066?source=cve

Enviar en el boletín
Off

7 Mar 2025

CVE-2024-12576

Título es
CVE-2024-12576

Vie, 07/03/2025 – 08:15

Tipo
CWE-822

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-12576

Descripción en
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger a crash of the FW running on the GPU freezing graphics output.

07/03/2025

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Enviar en el boletín
Off

7 Mar 2025

CVE-2024-13906

Título es
CVE-2024-13906

Vie, 07/03/2025 – 08:15

Tipo
CWE-502

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-13906

Descripción en
The Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.7.3 via deserialization of untrusted input in the 'import_gallery_from_csv' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
7.20

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://plugins.trac.wordpress.org/browser/gallery-plugin/tags/4.7.3/gallery-plugin.php#L292

https://plugins.trac.wordpress.org/changeset/3249573/

https://www.wordfence.com/threat-intel/vulnerabilities/id/76c5559d-f9dd-43cf-8c8e-07188b4edf7f?source=cve

Enviar en el boletín
Off

7 Mar 2025

CVE-2024-12837

Título es
CVE-2024-12837

Vie, 07/03/2025 – 08:15

Tipo
CWE-416

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-12837

Descripción en
Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.

07/03/2025

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Enviar en el boletín
Off

7 Mar 2025

CVE-2025-0863

Título es
CVE-2025-0863

Vie, 07/03/2025 – 08:15

Tipo
CWE-79

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-0863

Descripción en
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'idx_frame' shortcode in all versions up to, and including, 3.14.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)
6.40

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://plugins.trac.wordpress.org/browser/flexmls-idx/tags/3.14.25/flexmls_connect.php#L92

https://plugins.trac.wordpress.org/browser/flexmls-idx/tags/3.14.25/lib/base.php#L220

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3251292%40flexmls-idx&new=3251292%40flexmls-idx

https://www.wordfence.com/threat-intel/vulnerabilities/id/1c8e814b-3828-4b3f-a9ad-b3758ab9b109?source=cve

Enviar en el boletín
Off

7 Mar 2025

CVE-2025-1309

Título es
CVE-2025-1309

Vie, 07/03/2025 – 08:15

Tipo
CWE-862

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-1309

Descripción en
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the uip_save_form_as_option() function in all versions up to, and including, 3.5.04. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
8.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://plugins.trac.wordpress.org/browser/uipress-lite/tags/3.5.00/admin/core/ajax-functions.php#L625

https://plugins.trac.wordpress.org/changeset/3249865/

https://www.wordfence.com/threat-intel/vulnerabilities/id/6754ba34-0dc7-40a5-9548-a5f77db0df53?source=cve

Enviar en el boletín
Off

7 Mar 2025

CVE-2025-26331

Título es
CVE-2025-26331

Vie, 07/03/2025 – 08:15

Tipo
CWE-77

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-26331

Descripción en
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
7.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://www.dell.com/support/kbdoc/en-us/000289886/dsa-2025-107

Enviar en el boletín
Off

7 Mar 2025

CVE-2025-27816

Título es
CVE-2025-27816

Vie, 07/03/2025 – 08:15

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-27816

Descripción en
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The vulnerability is present in the Windows Plugin_Host service, which runs on all the servers where InfoScale is installed. The service is used only when applications are configured for Disaster Recovery (DR) using the DR wizard. Disabling the Plugin_Host service manually will eliminate the vulnerability.

07/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
9.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
CRITICAL

Referencias

https://www.veritas.com/content/support/en_US/security/ARC25-002

Enviar en el boletín
Off

7 Mar 2025

CVE-2025-2061

Título es
CVE-2025-2061

Vie, 07/03/2025 – 03:15

Tipo
CWE-79

Gravedad v2.0
5.00

Gravedad 2.0 Txt
MEDIUM

Título en

CVE-2025-2061

Descripción en
A vulnerability was found in code-projects Online Ticket Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /passenger.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

07/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Vector CVSS:2.0
AV:N/AC:L/Au:N/C:N/I:P/A:N

Gravedad 4.0
5.30

Gravedad 4.0 txt
MEDIUM

Gravedad 3.1 (CVSS 3.1 Base Score)
4.30

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://code-projects.org/

https://github.com/intercpt/XSS1/blob/main/XSS2.md

https://vuldb.com/?ctiid_298816=

https://vuldb.com/?id_298816=

https://vuldb.com/?submit_514529=