Publish Advisories

GHSA-pwx8-3gv4-fqjw
GHSA-4v26-47w8-q4gm
GHSA-6jgc-395x-2vw4
GHSA-8v87-2rcq-qxgp
GHSA-c5hv-mrw8-7c5r
GHSA-fxqv-qm7m-363x
GHSA-h8fh-8c4j-6m47
GHSA-j2cx-6vg6-6fhw
GHSA-j33v-whm5-3fwm
GHSA-pvmr-35vg-qx2g
GHSA-r2wf-hqhm-qxv7
GHSA-vwfw-9fqw-jjvp
GHSA-wq8m-j899-p9xc

Author: advisory-database[bot]

advisories/unreviewed/2024/06/GHSA-pwx8-3gv4-fqjw/GHSA-pwx8-3gv4-fqjw.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pwx8-3gv4-fqjw",
-  "modified": "2024-06-05T18:30:36Z",
+  "modified": "2025-09-17T06:30:22Z",
   "published": "2024-06-05T18:30:36Z",
   "aliases": [
     "CVE-2024-4008"
@@ -11,6 +11,10 @@
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:X/V:D/RE:M/U:Green"
     }
   ],
   "affected": [],
@@ -26,7 +30,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-200"
+      "CWE-200",
+      "CWE-497"
     ],
     "severity": "CRITICAL",
     "github_reviewed": false,

advisories/unreviewed/2025/09/GHSA-4v26-47w8-q4gm/GHSA-4v26-47w8-q4gm.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4v26-47w8-q4gm",
+  "modified": "2025-09-17T06:30:23Z",
+  "published": "2025-09-17T06:30:23Z",
+  "aliases": [
+    "CVE-2025-9818"
+  ],
+  "details": "A vulnerability (CWE-428) has been identified in the Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd., where the executable file paths of Windows services are not enclosed in quotation marks. If the installation folder path of this product contains spaces, there is a possibility that unauthorized files may be executed under the service privileges by using paths containing spaces.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9818"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.omron.com/global/en/inquiry/vulnerability_information/OMSR-2025-005_en.pdf"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.omron.com/jp/ja/inquiry/vulnerability_information/OMSR-2025-005_ja.pdf"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-428"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:16:13Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-6jgc-395x-2vw4/GHSA-6jgc-395x-2vw4.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-6jgc-395x-2vw4",
+  "modified": "2025-09-17T06:30:23Z",
+  "published": "2025-09-17T06:30:23Z",
+  "aliases": [
+    "CVE-2025-55075"
+  ],
+  "details": "Hidden functionality issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, SSH may be enabled by a remote authenticated attacker.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55075"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/vu/JVNVU97490987"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.iodata.jp/support/information/2025/09_wn-7d36qr/index.htm"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-912"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:16:08Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-8v87-2rcq-qxgp/GHSA-8v87-2rcq-qxgp.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-8v87-2rcq-qxgp",
+  "modified": "2025-09-17T06:30:22Z",
+  "published": "2025-09-17T06:30:22Z",
+  "aliases": [
+    "CVE-2025-10188"
+  ],
+  "details": "The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect nonce validation on the bulk_remove() function. This makes it possible for unauthenticated attackers to arbitrary directory deletion in /wp-content via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10188"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/hackrepair-plugin-archiver/tags/3.1.1/includes/bulk.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/51810981-5d2b-471b-b602-35809e281a0b?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-352"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:16:05Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-c5hv-mrw8-7c5r/GHSA-c5hv-mrw8-7c5r.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-c5hv-mrw8-7c5r",
+  "modified": "2025-09-17T06:30:23Z",
+  "published": "2025-09-17T06:30:23Z",
+  "aliases": [
+    "CVE-2025-59307"
+  ],
+  "details": "RAID Manager provided by Century Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59307"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/jp/JVN84697061"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.century.co.jp/support/products-info/notice-r-m.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-428"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:16:12Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-fxqv-qm7m-363x/GHSA-fxqv-qm7m-363x.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-fxqv-qm7m-363x",
+  "modified": "2025-09-17T06:30:23Z",
+  "published": "2025-09-17T06:30:23Z",
+  "aliases": [
+    "CVE-2025-59518"
+  ],
+  "details": "In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize _ during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59518"
+    },
+    {
+      "type": "WEB",
+      "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/228d01945d48015f3f9ea8a8dc64d7e6a27750e9"
+    },
+    {
+      "type": "WEB",
+      "url": "https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/3462"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-78"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:16:12Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-h8fh-8c4j-6m47/GHSA-h8fh-8c4j-6m47.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-h8fh-8c4j-6m47",
+  "modified": "2025-09-17T06:30:22Z",
+  "published": "2025-09-17T06:30:22Z",
+  "aliases": [
+    "CVE-2025-10125"
+  ],
+  "details": "The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugins's 'row' shortcode in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10125"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/memberlite-shortcodes/tags/1.4/shortcodes/columns.php#L12"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3359252%40memberlite-shortcodes&new=3359252%40memberlite-shortcodes&sfp_email=&sfph_mail="
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ceb7316e-8b55-4e7a-9309-8a9e84f22c90?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-80"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:15:53Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-j2cx-6vg6-6fhw/GHSA-j2cx-6vg6-6fhw.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-j2cx-6vg6-6fhw",
+  "modified": "2025-09-17T06:30:23Z",
+  "published": "2025-09-17T06:30:23Z",
+  "aliases": [
+    "CVE-2025-58116"
+  ],
+  "details": "Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote authenticated attacker.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58116"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/vu/JVNVU97490987"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.iodata.jp/support/information/2025/09_wn-7d36qr/index.htm"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-78"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T04:16:08Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-j33v-whm5-3fwm/GHSA-j33v-whm5-3fwm.json

@@ -0,0 +1,48 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-j33v-whm5-3fwm",
+  "modified": "2025-09-17T06:30:23Z",
+  "published": "2025-09-17T06:30:23Z",
+  "aliases": [
+    "CVE-2025-10058"
+  ],
+  "details": "The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the upload_function() function in all versions up to, and including, 7.27. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10058"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/wp-ultimate-csv-importer/tags/7.26/uploadModules/FtpUpload.php#L200"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3357936/wp-ultimate-csv-importer/trunk/uploadModules/FtpUpload.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3360611"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5a6bcfa6-7a40-4566-b4d2-62b696ded2d6?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-73"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-17T06:15:45Z"
+  }
+}