From 1720e0d9db4b3bedddf9bdad728efecd8b7515d8 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 7 Jun 2025 06:03:56 +0000 Subject: [PATCH] Auto-Update: 2025-06-07T06:00:19.784751+00:00 --- CVE-2025/CVE-2025-476xx/CVE-2025-47601.json | 56 +++++++++++++++++++ CVE-2025/CVE-2025-58xx/CVE-2025-5814.json | 60 +++++++++++++++++++++ README.md | 21 +++----- _state.csv | 16 +++--- 4 files changed, 133 insertions(+), 20 deletions(-) create mode 100644 CVE-2025/CVE-2025-476xx/CVE-2025-47601.json create mode 100644 CVE-2025/CVE-2025-58xx/CVE-2025-5814.json diff --git a/CVE-2025/CVE-2025-476xx/CVE-2025-47601.json b/CVE-2025/CVE-2025-476xx/CVE-2025-47601.json new file mode 100644 index 00000000000..93e601a6cbb --- /dev/null +++ b/CVE-2025/CVE-2025-476xx/CVE-2025-47601.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47601", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-06-07T05:15:24.213", + "lastModified": "2025-06-07T05:15:24.213", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through 2.1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/maxi-blocks/vulnerability/wordpress-maxiblocks-plugin-2-1-0-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-58xx/CVE-2025-5814.json b/CVE-2025/CVE-2025-58xx/CVE-2025-5814.json new file mode 100644 index 00000000000..5050b7d0cc0 --- /dev/null +++ b/CVE-2025/CVE-2025-58xx/CVE-2025-5814.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-5814", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-06-07T05:15:24.913", + "lastModified": "2025-06-07T05:15:24.913", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Profiler \u2013 What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to reactivate previously deactivated plugins after accessing the \"Profiler\" page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/profiler-what-slowing-down/trunk/actions.php#L31", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9213db60-c0c1-44a9-9b8c-621029c3a08f?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 5e1fa1eedcc..eabb76b7013 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-06T23:55:19.214885+00:00 +2025-06-07T06:00:19.784751+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-06T22:26:49.867000+00:00 +2025-06-07T05:15:24.913000+00:00 ``` ### Last Data Feed Release @@ -27,32 +27,27 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2025-06-06T00:00:04.332163+00:00 +2025-06-07T00:00:04.303869+00:00 ``` ### Total Number of included CVEs ```plain -296958 +296960 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `2` -- [CVE-2025-49128](CVE-2025/CVE-2025-491xx/CVE-2025-49128.json) (`2025-06-06T22:15:23.427`) +- [CVE-2025-47601](CVE-2025/CVE-2025-476xx/CVE-2025-47601.json) (`2025-06-07T05:15:24.213`) +- [CVE-2025-5814](CVE-2025/CVE-2025-58xx/CVE-2025-5814.json) (`2025-06-07T05:15:24.913`) ### CVEs modified in the last Commit -Recently modified CVEs: `6` +Recently modified CVEs: `0` -- [CVE-2025-31027](CVE-2025/CVE-2025-310xx/CVE-2025-31027.json) (`2025-06-06T22:26:49.867`) -- [CVE-2025-39493](CVE-2025/CVE-2025-394xx/CVE-2025-39493.json) (`2025-06-06T22:01:26.113`) -- [CVE-2025-39507](CVE-2025/CVE-2025-395xx/CVE-2025-39507.json) (`2025-06-06T22:09:50.510`) -- [CVE-2025-39509](CVE-2025/CVE-2025-395xx/CVE-2025-39509.json) (`2025-06-06T22:17:25.023`) -- [CVE-2025-47950](CVE-2025/CVE-2025-479xx/CVE-2025-47950.json) (`2025-06-06T22:15:23.207`) -- [CVE-2025-48146](CVE-2025/CVE-2025-481xx/CVE-2025-48146.json) (`2025-06-06T22:23:28.070`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 7ca27749512..6f549a0a262 100644 --- a/_state.csv +++ b/_state.csv @@ -291282,7 +291282,7 @@ CVE-2025-31023,0,0,b2b6dfb4fff9d3759d0e8242dd466693eb363f1c7ae0a1b9a5f68a061dc5a CVE-2025-31024,0,0,f13bb7564e2d955fe9c74ce3d5d82196ceac98ae0a3fb4b1ae7d33aec0a3a8af,2025-04-01T20:26:11.547000 CVE-2025-31025,0,0,4ff8093e4415f051713e7e0898e27685da4455d6beeec8c38e089df33f289160,2025-06-06T14:06:58.193000 CVE-2025-31026,0,0,254b219c6491f5a7e38a4af9c5c74d846ca2f862f1957eae5acb00be5bfdce97,2025-04-09T20:02:41.860000 -CVE-2025-31027,0,1,f30ea6fb52fa2dda5750b4591b97e847198dcd2345c994fdef1b0b243473e3c3,2025-06-06T22:26:49.867000 +CVE-2025-31027,0,0,f30ea6fb52fa2dda5750b4591b97e847198dcd2345c994fdef1b0b243473e3c3,2025-06-06T22:26:49.867000 CVE-2025-31028,0,0,ebad35846cd78b12d03c51b6b71e44d0624e34aa5a05101e27fce9486d87ebd4,2025-04-11T15:39:52.920000 CVE-2025-3103,0,0,8ad41fc7f92d09e819a22a1c00386b847f612c955790b39a589fac01d444d3a9,2025-04-21T14:23:45.950000 CVE-2025-31030,0,0,67e0e597fce025a476fc384187950e06000f99caed271d5d9f39f632a8519f5a,2025-04-17T20:21:05.203000 @@ -293866,7 +293866,7 @@ CVE-2025-3949,0,0,168e2abe66849b76f108d2275699dc7aa3f34d482497d50c4cedde8b889e7a CVE-2025-39490,0,0,f0d25e79c4e7c5558bc8cb946406ec85778837a0f23ea484a78138e93c7f9ab1,2025-05-23T15:54:42.643000 CVE-2025-39491,0,0,99527a7664045a6d07a435980acb4c79710bbd0df3bed5bfb4cc8aa77de75520,2025-05-19T13:35:50.497000 CVE-2025-39492,0,0,6a1d4863801d6097988eaa6b71e06751a38636cba418666dcae3bfaaf4649fc2,2025-05-19T13:35:50.497000 -CVE-2025-39493,0,1,545039d4771a67dd4187952a4dc4f19c2fa274a7007f04d5426f2bf8c6d0454a,2025-06-06T22:01:26.113000 +CVE-2025-39493,0,0,545039d4771a67dd4187952a4dc4f19c2fa274a7007f04d5426f2bf8c6d0454a,2025-06-06T22:01:26.113000 CVE-2025-39494,0,0,17f21d8aff8eceb67919fc99c805408298f2506319db4548074f4e9ee7370a3f,2025-05-23T15:54:42.643000 CVE-2025-39495,0,0,777dab53f8cea7e4a2b42375d0685a3376acecaa8b2117a01a1d06aa0095d084,2025-05-23T15:54:42.643000 CVE-2025-39498,0,0,dfe300f3baad9b96791675af61946710b302c58702c4771e2b52bced0ed375b4,2025-05-28T15:01:30.720000 @@ -293878,8 +293878,8 @@ CVE-2025-39503,0,0,99e5d03820959c729ba740a8892bca81892b83f5bbdfd1521b71f6f8e1cdd CVE-2025-39504,0,0,9ac91081610b44d0d449fe35d56559e679e58a436a44146d591099340af0e3c9,2025-05-23T15:54:42.643000 CVE-2025-39505,0,0,0677fac6beec77521e6cb7a2462dcfabf24b73771e71144370fe1fac1a5cd152,2025-05-23T15:54:42.643000 CVE-2025-39506,0,0,c041a0372538698a8f9d605ef133903ae98a32f47f46be4c5902cd3007028990,2025-05-23T15:54:42.643000 -CVE-2025-39507,0,1,f4092fa6938581d2fec34f603e8d9da1ff63ce2168f9d8d79950973af21fb914,2025-06-06T22:09:50.510000 -CVE-2025-39509,0,1,4cda2ae66fff6b98719931220bbe9865bb1af095a0727aa2e0da55520a402d90,2025-06-06T22:17:25.023000 +CVE-2025-39507,0,0,f4092fa6938581d2fec34f603e8d9da1ff63ce2168f9d8d79950973af21fb914,2025-06-06T22:09:50.510000 +CVE-2025-39509,0,0,4cda2ae66fff6b98719931220bbe9865bb1af095a0727aa2e0da55520a402d90,2025-06-06T22:17:25.023000 CVE-2025-3951,0,0,b819f4a743182055b64efa38e516552bfed579e15e32ded33254ce84d5404e6c,2025-06-02T17:32:17.397000 CVE-2025-39511,0,0,a36b3376d554b5146c42c1b1398688f2aa1974a059829a1cc40eb1eaa00a9ff1,2025-05-19T13:35:50.497000 CVE-2025-39512,0,0,126985d0ea09fa4c3bb0f5148fddbfff2eeceb61c37d743a298410e0bf5c015f,2025-04-16T13:25:37.340000 @@ -295599,6 +295599,7 @@ CVE-2025-47595,0,0,9adf7d209ac9b8d3400c8588f008170c41edc2d63f5ac07b2215d46ce5b29 CVE-2025-47596,0,0,690e3b47de078ba08084cd61db672689fbe99a61629098464a3f13b510134cf9,2025-05-08T14:39:09.683000 CVE-2025-47597,0,0,fb76cae12f5b526063c4e4a4be253bc9c7c48e40696db77b034e646e42c05626,2025-05-08T14:39:09.683000 CVE-2025-47599,0,0,9ee039ad2cd9c104f74dafdaab19a680ccf8acfe2bdc3e4b9451c1c37f06b445,2025-05-23T15:54:42.643000 +CVE-2025-47601,1,1,28a4cd166161737f53c3070c5ad9da3c191ee6086f00330ef25223efb9abc978,2025-06-07T05:15:24.213000 CVE-2025-47602,0,0,d3dbfb428c0954dce9fcab4e9e45f9d0df6844ceeac2e295f71482a5f5bda0bd,2025-05-08T14:39:09.683000 CVE-2025-47603,0,0,3b2a1520c7a0466157de2fff2680a5992223fbabfe3b81b953ed658ebf18bf41,2025-05-23T15:54:42.643000 CVE-2025-47604,0,0,5fe8052a1ec8d805c9163a0e7fe2f0a39439d3c6190a6aeb618f3b6906c1c820,2025-05-08T14:39:09.683000 @@ -295829,7 +295830,7 @@ CVE-2025-47947,0,0,937e21e816ace6c7b2eea9b27977c70a0355dffa802eeb709a1580aec3fe9 CVE-2025-47948,0,0,ba2e8c1cb0258308d0310ef150246d3504511a8f7fe9ed640ab9013bfefadd52,2025-05-19T15:15:25.400000 CVE-2025-47949,0,0,dc86078901df64be63bcaee4a73ca319eec3de89fa5549a71818463921d49b3a,2025-05-21T20:25:16.407000 CVE-2025-4795,0,0,3fd0e28eaafb548c1d9f9e6a41da631ae960e10221f6f4901b1a5e253e1ad775,2025-05-19T13:35:20.460000 -CVE-2025-47950,0,1,29677218adcd7be141f793716ad5bdeaafe069370b1864c8214031a9cd15118e,2025-06-06T22:15:23.207000 +CVE-2025-47950,0,0,29677218adcd7be141f793716ad5bdeaafe069370b1864c8214031a9cd15118e,2025-06-06T22:15:23.207000 CVE-2025-47952,0,0,98063020cb9f5c2b480f0cb92a50eeedaf8c49e542ef7ba3da076028de108162,2025-05-30T16:31:03.107000 CVE-2025-47966,0,0,9af6a33a751a4e930e5be1495300477ca1b17cde2c86ba4e4a2e9e219bcd8d40,2025-06-06T14:07:28.330000 CVE-2025-4797,0,0,7955c65d02ae59cf8e91f669d1ef33f935d7dc4278caacac2c860c6a07f32d1d,2025-06-04T14:54:33.783000 @@ -295897,7 +295898,7 @@ CVE-2025-48137,0,0,5548589b314d704917168eb47822a320c36df235e7215f581b27680822b5e CVE-2025-48138,0,0,87ffc58f4226f2db1771ad791bf24339c9d7ee906fd0e94e6b23ced179f5abb5,2025-05-30T15:19:56.580000 CVE-2025-4814,0,0,d46786303e3a6598163a80d264d357d8fd8f4577086008f748c18c8fa1a8b9bd,2025-05-28T13:17:56.110000 CVE-2025-48144,0,0,915ef69f7620231f2c6e2a32616b16609cf357d74e4b81e5126994688d251650,2025-05-30T15:20:12.500000 -CVE-2025-48146,0,1,44edda46a6e454799db1266c87b76373fb03553b5180641f5297dee2b0d7de37,2025-06-06T22:23:28.070000 +CVE-2025-48146,0,0,44edda46a6e454799db1266c87b76373fb03553b5180641f5297dee2b0d7de37,2025-06-06T22:23:28.070000 CVE-2025-4815,0,0,31cc1cd9ba179e2e20111ed224a5d1f55b5f28081bf7ef82d4c48c2315ce9fb6,2025-05-28T17:08:54.983000 CVE-2025-4816,0,0,1d7865e0cbbb0c318cb8ea40d3a767abd03ec76e1a6022bd94025fd37d41588b,2025-05-28T00:59:43.940000 CVE-2025-4817,0,0,f265475ef28de63b3868387a0ba8131291fd27201dee770829df62b575e6a51c,2025-05-28T00:59:22.280000 @@ -296259,7 +296260,7 @@ CVE-2025-49112,0,0,76902d9e5d22cd5a11f3d533ef551f790c89e42a3232b598745b0d1e516b9 CVE-2025-49113,0,0,0c3b29880bdce65ee86ec4692335b37df834d186f37bd8d28a9c54f66ee6335a,2025-06-02T18:15:24.640000 CVE-2025-4912,0,0,952cc1697455c59886c397e61a80308747f6eedd0f377c0531d621b366fc5d7d,2025-05-21T17:41:21.063000 CVE-2025-49127,0,0,75d721494d98d4722f3d78798cf05e23db38a7c6bebef6c22b8d9a8d81898d86,2025-06-06T21:15:23.137000 -CVE-2025-49128,1,1,42874cd39e27e420db84f117bd69f6a93c7d0ef6555be75306d09ad33e291157,2025-06-06T22:15:23.427000 +CVE-2025-49128,0,0,42874cd39e27e420db84f117bd69f6a93c7d0ef6555be75306d09ad33e291157,2025-06-06T22:15:23.427000 CVE-2025-4913,0,0,53b3af32223266d4fefa6288fa7668d3e6278e5d2f6f83bce997bdbd90d149c2,2025-05-19T17:37:22.390000 CVE-2025-4914,0,0,a988b116f09ba2a954362a47d883dbc77032cfbf0fc2d8366f3812d4ec746e85,2025-05-19T17:37:31.327000 CVE-2025-4915,0,0,46c7fa6aa65dcb339a70ae5c3381e0e409573ebed627552c1d75e88ea8911815,2025-05-19T17:37:39.277000 @@ -296957,3 +296958,4 @@ CVE-2025-5797,0,0,bd9bf686214be6b38d4a32143657441c5d0367e67d4567d873e7312218108f CVE-2025-5798,0,0,b3792bfff437aed2ce89a7a9c5089e9ff98ac7c618fa9625e80c45dc986f3038,2025-06-06T20:15:23.577000 CVE-2025-5799,0,0,27e1ca3e09d4e48d58a25b926e2b7ee3c9f9f9be4091f25fe1b6fbb50c81f085,2025-06-06T20:15:23.770000 CVE-2025-5806,0,0,79933e1939f5bacaa56d4bc6218de84ebab11db530a087d329b01c15373f4e0d,2025-06-06T16:15:31.560000 +CVE-2025-5814,1,1,8eaa11a12cc6d088f99ec0c5bfb996778135d981aea4d6fb1de682955c0d7f2c,2025-06-07T05:15:24.913000