Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-14 | CVE-2025-29029 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function. | 9.8 |
| 2025-03-14 | CVE-2025-29030 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | 9.8 |
| 2025-03-14 | CVE-2025-29031 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | 9.8 |
| 2025-03-14 | CVE-2025-2000 | A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. | 9.8 |
| 2025-03-14 | CVE-2024-12810 | Missing Authorization vulnerability in Chimpgroup Jobcareer The JobCareer | Job Board Responsive WordPress Theme theme for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability checks on multiple functions in all versions up to, and including, 7.1. | 8.1 |
| 2025-03-14 | CVE-2024-13771 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. | 5.9 |
| 2025-03-14 | CVE-2024-13772 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Uxper Civi The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.1.4. | 5.9 |
| 2025-03-14 | CVE-2024-13773 | Use of Hard-coded Cryptographic Key vulnerability in Uxper Civi The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4 via hard-coded credentials. | 7.5 |
| 2025-03-14 | CVE-2025-2232 | Improper Privilege Management vulnerability in Purethemes Realteo 1.2.4 The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is vulnerable to authentication bypass in all versions up to, and including, 1.2.8. | 9.8 |
| 2025-03-14 | CVE-2025-1507 | Missing Authorization vulnerability in Sharethis Dashboard for Google Analytics The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_actions() function in all versions up to, and including, 3.2.1. | 5.3 |