Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 71d8b76b69e4 · 2025-12-21T09:32:32.000Z
GHSA-6p3q-9mgc-93rh GHSA-hxpp-w5pc-mh6j GHSA-rfp7-8jvc-hr8q GHSA-xfvw-x4qw-5mgr
diff --git a/advisories/unreviewed/2025/12/GHSA-6p3q-9mgc-93rh/GHSA-6p3q-9mgc-93rh.json b/advisories/unreviewed/2025/12/GHSA-6p3q-9mgc-93rh/GHSA-6p3q-9mgc-93rh.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-6p3q-9mgc-93rh",
+  "modified": "2025-12-21T09:30:16Z",
+  "published": "2025-12-21T09:30:16Z",
+  "aliases": [
+    "CVE-2025-14855"
+  ],
+  "details": "The SureForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form field parameters in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14855"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/sureforms/tags/2.2.0/assets/build/entries.js"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3423684/sureforms"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5e493f01-95db-48ba-8daf-d7ff69df29bf?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-21T08:15:49Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/12/GHSA-hxpp-w5pc-mh6j/GHSA-hxpp-w5pc-mh6j.json b/advisories/unreviewed/2025/12/GHSA-hxpp-w5pc-mh6j/GHSA-hxpp-w5pc-mh6j.json
@@ -0,0 +1,64 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-hxpp-w5pc-mh6j",
+  "modified": "2025-12-21T09:30:17Z",
+  "published": "2025-12-21T09:30:17Z",
+  "aliases": [
+    "CVE-2025-14994"
+  ],
+  "details": "A flaw has been found in Tenda FH1201 and FH1206 1.2.0.14(408)/1.2.0.8(8155). This impacts the function strcat of the file /goform/webtypelibrary of the component HTTP Request Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14994"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/webtyplibrary/webtypelibrary.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1206/webtyplibrary/webtypelibrary.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.337688"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.337688"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.719153"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.719155"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.tenda.com.cn"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-21T08:15:49Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/12/GHSA-rfp7-8jvc-hr8q/GHSA-rfp7-8jvc-hr8q.json b/advisories/unreviewed/2025/12/GHSA-rfp7-8jvc-hr8q/GHSA-rfp7-8jvc-hr8q.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-rfp7-8jvc-hr8q",
+  "modified": "2025-12-21T09:30:16Z",
+  "published": "2025-12-21T09:30:16Z",
+  "aliases": [
+    "CVE-2025-14800"
+  ],
+  "details": "The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'move_file_to_upload' function in all versions up to, and including, 3.2.7. This makes it possible for unauthenticated attackers to copy arbitrary files on the affected site's server. If 'allow_url_fopen' is set to 'On', it is possible to upload a remote file to the server.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14800"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wpcf7-redirect/tags/3.2.7/classes/class-wpcf7r-save-files.php#L180"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3423970/wpcf7-redirect"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b249ec90-a364-4644-94fb-d42eb6cc4d9a?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-434"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-21T08:15:48Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/12/GHSA-xfvw-x4qw-5mgr/GHSA-xfvw-x4qw-5mgr.json b/advisories/unreviewed/2025/12/GHSA-xfvw-x4qw-5mgr/GHSA-xfvw-x4qw-5mgr.json
@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-xfvw-x4qw-5mgr",
+  "modified": "2025-12-21T09:30:17Z",
+  "published": "2025-12-21T09:30:17Z",
+  "aliases": [
+    "CVE-2025-14995"
+  ],
+  "details": "A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14995"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md#reproduce"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.337689"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.337689"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.719154"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.tenda.com.cn"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-21T09:15:47Z"
+  }
+}
