Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2025-2056 The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 5.4.01 via the showFile function.
network
low complexity
CWE-23
7.5
7.5
2025-03-14 CVE-2025-2166 The CM FAQ – Simplify support with an intuitive FAQ management tool plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.5.
network
low complexity
CWE-79
6.1
6.1
2025-03-13 CVE-2025-24053 Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
network
low complexity
CWE-285
7.2
7.2
2025-03-13 CVE-2025-1427 Use of Uninitialized Resource vulnerability in Autodesk products
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability.
local
low complexity
autodesk CWE-908
7.8
7.8
2025-03-13 CVE-2025-1428 Out-of-bounds Read vulnerability in Autodesk products
A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability.
local
low complexity
autodesk CWE-125
7.8
7.8
2025-03-13 CVE-2025-1429 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability.
local
low complexity
autodesk CWE-787
7.8
7.8
2025-03-13 CVE-2025-1430 Out-of-bounds Write vulnerability in Autodesk products
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability.
local
low complexity
autodesk CWE-787
7.8
7.8
2025-03-13 CVE-2025-1431 Out-of-bounds Read vulnerability in Autodesk products
A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability.
local
low complexity
autodesk CWE-125
7.8
7.8
2025-03-13 CVE-2025-1432 Use After Free vulnerability in Autodesk products
A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability.
local
low complexity
autodesk CWE-416
7.8
7.8
2025-03-13 CVE-2025-1433 Out-of-bounds Read vulnerability in Autodesk products
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability.
local
low complexity
autodesk CWE-125
7.8
7.8