Publish Advisories

GHSA-2vp3-crwq-3fg5
GHSA-369j-mq74-56g3
GHSA-7pr6-hx5j-fw8h
GHSA-f8pm-w4xh-wj52
GHSA-fxwj-494p-xmc7
GHSA-j8wf-mcp8-694g
GHSA-m9jj-v5hf-f99h
GHSA-mg9f-f46c-6cm7
GHSA-qwwf-j766-5g2p
GHSA-r3pp-h225-m34v
GHSA-vv27-hw9x-f765
GHSA-xrgh-5p34-46f6

Author: advisory-database[bot]

advisories/unreviewed/2025/07/GHSA-2vp3-crwq-3fg5/GHSA-2vp3-crwq-3fg5.json

@@ -0,0 +1,29 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2vp3-crwq-3fg5",
+  "modified": "2025-07-16T09:31:05Z",
+  "published": "2025-07-16T09:31:05Z",
+  "aliases": [
+    "CVE-2025-27465"
+  ],
+  "details": "Certain instructions need intercepting and emulating by Xen.  In some\ncases Xen emulates the instruction by replaying it, using an executable\nstub.  Some instructions may raise an exception, which is supposed to be\nhandled gracefully.  Certain replayed instructions have additional logic\nto set up and recover the changes to the arithmetic flags.\n\nFor replayed instructions where the flags recovery logic is used, the\nmetadata for exception handling was incorrect, preventing Xen from\nhandling the the exception gracefully, treating it as fatal instead.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27465"
+    },
+    {
+      "type": "WEB",
+      "url": "https://xenbits.xenproject.org/xsa/advisory-470.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T09:15:23Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-369j-mq74-56g3/GHSA-369j-mq74-56g3.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-369j-mq74-56g3",
+  "modified": "2025-07-16T09:31:03Z",
+  "published": "2025-07-16T09:31:03Z",
+  "aliases": [
+    "CVE-2025-52688"
+  ],
+  "details": "Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52688"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jro.sg/CVEs/CVE-2025-52688"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.al-enterprise.com/-/media/assets/internet/documents/sa-n0150-omniaccess-stellar-multiple-vulnerabilities.pdf"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-072"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-77"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:23Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-7pr6-hx5j-fw8h/GHSA-7pr6-hx5j-fw8h.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7pr6-hx5j-fw8h",
+  "modified": "2025-07-16T09:31:04Z",
+  "published": "2025-07-16T09:31:04Z",
+  "aliases": [
+    "CVE-2025-7359"
+  ],
+  "details": "The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wcvisitor_get_block function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to delete arbitrary files on the server. NOTE: This particular vulnerability deletes all the files in a targeted arbitrary directory rather than a specified arbitrary file, which can lead to loss of data or a denial of service condition.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7359"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/counter-visitor-for-woocommerce/tags/1.3.6/woo-counter-visitor.php#L378"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae13dc61-c4bf-4b17-8055-98c80a853a2a?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-22"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:24Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-f8pm-w4xh-wj52/GHSA-f8pm-w4xh-wj52.json

@@ -0,0 +1,35 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-f8pm-w4xh-wj52",
+  "modified": "2025-07-16T09:31:05Z",
+  "published": "2025-07-16T09:31:05Z",
+  "aliases": [
+    "CVE-2025-7703"
+  ],
+  "details": "Authentication vulnerability in the mobile application（tech.palm.id）may lead to the risk of information leakage.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7703"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.tecno.com/SRC/blogdetail/428?lang=en_US"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.tecno.com/SRC/securityUpdates"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-287"
+    ],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T09:15:24Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-fxwj-494p-xmc7/GHSA-fxwj-494p-xmc7.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fxwj-494p-xmc7",
+  "modified": "2025-07-16T09:31:04Z",
+  "published": "2025-07-16T09:31:04Z",
+  "aliases": [
+    "CVE-2025-5843"
+  ],
+  "details": "The Brandfolder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 5.0.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5843"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/brandfolder/tags/5.0.19/brandfolder-integration.php#L138"
+    },
+    {
+      "type": "WEB",
+      "url": "https://wordpress.org/plugins/brandfolder/#developers"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bedbe508-e879-4989-89a6-db909ecd35a8?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:23Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-j8wf-mcp8-694g/GHSA-j8wf-mcp8-694g.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-j8wf-mcp8-694g",
+  "modified": "2025-07-16T09:31:04Z",
+  "published": "2025-07-16T09:31:04Z",
+  "aliases": [
+    "CVE-2025-6747"
+  ],
+  "details": "The Avada (Fusion) Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fusion_map' shortcode in all versions up to, and including, 3.12.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6747"
+    },
+    {
+      "type": "WEB",
+      "url": "https://avada.com/documentation/avada-changelog"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0a21eaa-4e2a-4d07-8635-f0a8a5db660f?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:24Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-m9jj-v5hf-f99h/GHSA-m9jj-v5hf-f99h.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m9jj-v5hf-f99h",
+  "modified": "2025-07-16T09:31:04Z",
+  "published": "2025-07-16T09:31:04Z",
+  "aliases": [
+    "CVE-2025-52690"
+  ],
+  "details": "Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52690"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jro.sg/CVEs/CVE-2025-52690"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.al-enterprise.com/-/media/assets/internet/documents/sa-n0150-omniaccess-stellar-multiple-vulnerabilities.pdf"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-072"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-77"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:23Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-mg9f-f46c-6cm7/GHSA-mg9f-f46c-6cm7.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-mg9f-f46c-6cm7",
+  "modified": "2025-07-16T09:31:04Z",
+  "published": "2025-07-16T09:31:04Z",
+  "aliases": [
+    "CVE-2025-6043"
+  ],
+  "details": "The Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal plugin for WordPress is vulnerable to Arbitrary File Deletion due to a missing capability check on the wpmr_delete_file() function in all versions up to, and including, 16.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files making remote code execution possible. This is only exploitable when advanced mode is enabled on the site.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6043"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wp-malware-removal/tags/16.8/wpmr.php#L4570"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wp-malware-removal/tags/16.8/wpmr.php#L6304"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wp-malware-removal/tags/16.8/wpmr.php#L6401"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d44fe4d7-1af5-4e26-a33c-43a9cce4174c?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-862"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:23Z"
+  }
+}

advisories/unreviewed/2025/07/GHSA-qwwf-j766-5g2p/GHSA-qwwf-j766-5g2p.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-qwwf-j766-5g2p",
+  "modified": "2025-07-16T09:31:03Z",
+  "published": "2025-07-16T09:31:03Z",
+  "aliases": [
+    "CVE-2025-52687"
+  ],
+  "details": "Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffics, potentially leading to session hijacking and denial-of-service (DoS).",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52687"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.al-enterprise.com/-/media/assets/internet/documents/sa-n0150-omniaccess-stellar-multiple-vulnerabilities.pdf"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-072"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-77"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-07-16T07:15:21Z"
+  }
+}