Total
572 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-65107 | 2025-11-21 | N/A | 6.5 MEDIUM | ||
| Langfuse is an open source large language model engineering platform. In versions from 2.95.0 to before 2.95.12 and from 3.17.0 to before 3.131.0, in SSO provider configurations without an explicit AUTH_<PROVIDER>_CHECK setting, a potential account takeover may happen if an authenticated user is made to call a specifically crafted URL via a CSRF or phishing attack. This issue has been patched in versions 2.95.12 and 3.131.0. A workaround for this issue involves setting AUTH_<PROVIDER>_CHECK. | |||||
| CVE-2025-65094 | 2025-11-21 | N/A | N/A | ||
| WBCE CMS is a content management system. Prior to version 1.6.4, a low-privileged user in WBCE CMS can escalate their privileges to the Administrators group by manipulating the groups[] parameter in the /admin/users/save.php request. The UI restricts users to assigning only their existing group, but server-side validation is missing, allowing attackers to overwrite their group membership and obtain full administrative access. This results in a complete compromise of the CMS. This issue has been patched in version 1.6.4. | |||||
| CVE-2025-64655 | 2025-11-21 | N/A | 8.8 HIGH | ||
| Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2025-11815 | 2025-11-21 | N/A | 4.3 MEDIUM | ||
| The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the uip_save_site_option() function in all versions up to, and including, 3.5.08. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary plugin settings. Other AJAX actions are also affected. | |||||
| CVE-2025-64751 | 2025-11-21 | N/A | N/A | ||
| OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 ( openfga-0.1.34 <= Helm chart <= openfga-0.2.48, v.1.4.0 <= docker <= v.1.11.0) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This issue has been patched in version 1.11.1. | |||||
| CVE-2025-65033 | 2025-11-19 | N/A | 8.1 HIGH | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not verify whether the user performing the action is the poll owner. As a result, any user can disrupt polls created by others, leading to a loss of integrity and availability across the application. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-65030 | 2025-11-19 | N/A | 7.1 HIGH | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the comment deletion API allows any authenticated user to delete comments belonging to other users, including poll owners and administrators. The endpoint relies solely on the comment ID for deletion and does not validate whether the requesting user owns the comment or has permission to remove it. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-12814 | 2025-11-19 | N/A | 5.3 MEDIUM | ||
| The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to unauthorized modification of data due to n incorrect capability check on the siteseo_reset_settings function in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, who have been granted access to at least on SiteSEO setting capability, to reset the plugin's settings. | |||||
| CVE-2025-65031 | 2025-11-19 | N/A | 6.5 MEDIUM | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation endpoint allows authenticated users to impersonate any other user by altering the authorName field in the API request. This enables attackers to post comments under arbitrary usernames, including privileged ones such as administrators, potentially misleading other users and enabling phishing or social engineering attacks. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-65029 | 2025-11-19 | N/A | 8.1 HIGH | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR) vulnerability allows any authenticated user to delete arbitrary participants from polls without ownership verification. The endpoint relies solely on a participant ID to authorize deletions, enabling attackers to remove other users (including poll owners) from polls. This impacts the integrity and availability of poll participation data. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-13085 | 2025-11-19 | N/A | 4.3 MEDIUM | ||
| The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Improper Authorization leading to Sensitive Post Meta Disclosure in versions up to and including 1.3.2. This is due to missing object-level authorization checks in the resolve_variables() AJAX handler. This makes it possible for authenticated attackers with the siteseo_manage capability (e.g., Author-level users who have been granted SiteSEO access by an administrator) to read arbitrary post metadata from any post, page, attachment, or WooCommerce order they cannot edit, via the custom field variable resolution feature granted they have been given access to SiteSEO by an administrator and legacy storage is enabled. In affected WooCommerce installations, this exposes sensitive customer billing information including names, email addresses, phone numbers, physical addresses, and payment methods. | |||||
| CVE-2025-63218 | 2025-11-19 | N/A | 9.8 CRITICAL | ||
| The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable to Broken Access Control due to missing authentication on the /cgi-bin/gstFcgi.fcgi endpoint. Unauthenticated remote attackers can list user accounts, create new administrative users, delete users, and modify system settings, leading to full compromise of the device. | |||||
| CVE-2025-65020 | 2025-11-19 | N/A | 6.5 MEDIUM | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability in the poll duplication endpoint (/api/trpc/polls.duplicate) allows any authenticated user to duplicate polls they do not own by modifying the pollId parameter. This effectively bypasses access control and lets unauthorized users clone private or administrative polls. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-12777 | 2025-11-19 | N/A | 5.3 MEDIUM | ||
| The YITH WooCommerce Wishlist plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.10.0. This is due to the plugin not properly verifying that a user is authorized to perform actions on the REST API /wp-json/yith/wishlist/v1/lists endpoint (which uses permission_callback => '__return_true') and the AJAX delete_item handler (which only checks nonce validity without verifying object-level authorization). This makes it possible for unauthenticated attackers to disclose wishlist tokens for any user and subsequently delete wishlist items by chaining the REST API authorization bypass with the exposed delete_item nonce on shared wishlist pages and the AJAX handler's missing object-level authorization check. | |||||
| CVE-2025-65028 | 2025-11-19 | N/A | 6.5 MEDIUM | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR) vulnerability allows any authenticated user to modify other participants’ votes in polls without authorization. The backend relies solely on the participantId parameter to identify which votes to update, without verifying ownership or poll permissions. This allows an attacker to alter poll results in their favor, directly compromising data integrity. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-65021 | 2025-11-19 | N/A | 9.1 CRITICAL | ||
| Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR) vulnerability exists in the poll finalization feature of the application. Any authenticated user can finalize a poll they do not own by manipulating the pollId parameter in the request. This allows unauthorized users to finalize other users’ polls and convert them into events without proper authorization checks, potentially disrupting user workflows and causing data integrity and availability issues. This issue has been patched in version 4.5.4. | |||||
| CVE-2025-12494 | 2025-11-18 | N/A | 4.3 MEDIUM | ||
| The Image Gallery – Photo Grid & Video Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajax_import_file function in all versions up to, and including, 2.12.28. This makes it possible for authenticated attackers, with author-level access and above, to move arbitrary image files on the server. | |||||
| CVE-2025-13118 | 2025-11-15 | 6.5 MEDIUM | 6.3 MEDIUM | ||
| A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-13117 | 2025-11-15 | 5.5 MEDIUM | 5.4 MEDIUM | ||
| A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability is the function cancelOrder of the file /order/cancelOrder. The manipulation of the argument orderId leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-13116 | 2025-11-15 | 5.5 MEDIUM | 5.4 MEDIUM | ||
| A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | |||||