Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 794043466ff3 · 2025-12-11T03:31:47.000Z
GHSA-mrhv-3wcw-74fh GHSA-pp9r-whq8-62xh GHSA-rcrc-cv3g-57rr
diff --git a/advisories/unreviewed/2025/12/GHSA-mrhv-3wcw-74fh/GHSA-mrhv-3wcw-74fh.json b/advisories/unreviewed/2025/12/GHSA-mrhv-3wcw-74fh/GHSA-mrhv-3wcw-74fh.json
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-mrhv-3wcw-74fh",
+  "modified": "2025-12-11T03:30:29Z",
+  "published": "2025-12-11T03:30:29Z",
+  "aliases": [
+    "CVE-2025-14485"
+  ],
+  "details": "A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function show_debug_screen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm*& causes command injection. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14485"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pan.baidu.com/s/12VsWYY-bf2-Kfufbs2dlXw?pwd=drt"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.335768"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.335768"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.702655"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.yuque.com/yuqueyonghuexlgkz/zepczx/mf0uog9s2ycay4g2?singleDoc"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-11T03:15:58Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/12/GHSA-pp9r-whq8-62xh/GHSA-pp9r-whq8-62xh.json b/advisories/unreviewed/2025/12/GHSA-pp9r-whq8-62xh/GHSA-pp9r-whq8-62xh.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-pp9r-whq8-62xh",
+  "modified": "2025-12-11T03:30:29Z",
+  "published": "2025-12-11T03:30:29Z",
+  "aliases": [
+    "CVE-2025-13764"
+  ],
+  "details": "The WP CarDealer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.16. This is due to the 'WP_CarDealer_User::process_register' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'administrator' role during registration and gain administrator access to the site.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13764"
+    },
+    {
+      "type": "WEB",
+      "url": "https://themeforest.net/item/boxcar-automotive-car-dealer-wordpress-theme/49741717"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f4893d9c-e039-43df-80b9-dbe42374caed?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-269"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-11T03:15:57Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/12/GHSA-rcrc-cv3g-57rr/GHSA-rcrc-cv3g-57rr.json b/advisories/unreviewed/2025/12/GHSA-rcrc-cv3g-57rr/GHSA-rcrc-cv3g-57rr.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-rcrc-cv3g-57rr",
+  "modified": "2025-12-11T03:30:29Z",
+  "published": "2025-12-11T03:30:29Z",
+  "aliases": [
+    "CVE-2025-11467"
+  ],
+  "details": "The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 5.1.1 via the feedzy_lazy_load function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11467"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/feedzy-rss-feeds/tags/5.1.0/includes/abstract/feedzy-rss-feeds-admin-abstract.php#L551"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5754dce7-6b47-4490-a04a-7eabfded0720?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-918"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-11T03:15:57Z"
+  }
+}
