Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

April 28, 2025

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Image: Chocapikk_
Security researcher Chocapikk has published a Metasploit module for a critical zero-day vulnerability impacting Craft CMS, tracked as CVE-2025-32432 (CVSS 10). This remote code execu …

Published Date:
Apr 28, 2025 (2 hours, 14 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-32432

CVE-2024-58136

Source: Read More

Previous Article400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild

Next Article CISA Warns of Critical Vulnerabilities in Planet Technology Products

Highlights

CVE-2025-53929 – WeGIA Stored Cross-Site Scripting Vulnerability

July 16, 2025

CVE ID : CVE-2025-53929

Published : July 16, 2025, 4:15 p.m. | 2 hours, 28 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_cor.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `cor` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page `cadastro_pet.php` is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

JavaScript vs C#: How to Choose the Right Language as a Beginner

This AI Paper Introduces MathCoder-VL and FigCodifier: Advancing Multimodal Mathematical Reasoning with Vision-to-Code Alignment

CVE-2025-4805 – WatchGuard Fireware OS Stored XSS Vulnerability

Meet GenSpark Super Agent: The All-in-One AI Agent that Autonomously Think, Plan, Act, and Use Tools to Handle All Your Everyday Tasks

CVE-2025-53929 – WeGIA Stored Cross-Site Scripting Vulnerability

Salesforce Marketing Cloud for Medical Devices

Meta AI One Click AI Video Edits Are Here on Instagram, Facebook and Official Website

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Craft CMS Zero-Day CVE-2025-32432 Exploited with Metasploit Module Now Public

Related Posts