CVE-2025-47535 – Opal Woo Custom Product Variation Path Traversal

May 24, 2025

CVE ID : CVE-2025-47535

Published : May 23, 2025, 1:15 p.m. | 23 hours, 43 minutes ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in wpopal Opal Woo Custom Product Variation allows Path Traversal. This issue affects Opal Woo Custom Product Variation: from n/a through 1.2.0.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47539 – Themewinter Eventin Privilege Escalation Vulnerability

Next Article Is it recommended to use JMETER for API testing? How can I do this when I pass multiple request payloads via csv to add assertions?

Highlights

CVE-2025-37881 – Aspeed USB Gadget NULL Pointer Dereference

May 9, 2025

CVE ID : CVE-2025-37881

Published : May 9, 2025, 7:16 a.m. | 4 hours, 51 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()

The variable d->name, returned by devm_kasprintf(), could be NULL.
A pointer check is added to prevent potential NULL pointer dereference.
This is similar to the fix in commit 3027e7b15b02
(“ice: Fix some null pointer dereference issues in ice_ptp.c”).

This issue is found by our static analysis tool

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft donates DocumentDB to the Linux Foundation

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

ChatGPT is reportedly scraping Google Search data to answer your questions – here’s how

The 10 best early Labor Day deals live now: Save on Apple, Samsung and more

5 rumored Apple iPhone Fold features that have me excited (and frustrated at the same time)

Forget plug-and-play AI: Here’s what successful AI projects do differently

Log Outgoing HTTP Requests with the Laravel Spy Package

Log Outgoing HTTP Requests with the Laravel Spy Package

devdojo/auth

Rust Slices: Cutting Into References the Safe Way

Best AI Girlfriend Simulator [2025 Working Apps and Websites]

Best AI Girlfriend Simulator [2025 Working Apps and Websites]

8 Best Paid and Free AI Sexting Chat Apps in 2025

Best AI Anime Art Generator: 7 Best to Use [Free & Premium]

CVE-2025-47535 – Opal Woo Custom Product Variation Path Traversal

Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing

Buffalo Police Detective Indicted for Attempted Purchases on Genesis Market

How to Start a Career in Technical Writing by Contributing to Open Source

CVE-2025-5634 – PCMan FTP Server NOOP Command Handler Buffer Overflow

CVE-2025-7916 – Simopro Technology WinMatrix3 Insecure Deserialization Vulnerability

YaST2 is a GRUB graphical configuration tool for openSUSE

CVE-2025-37881 – Aspeed USB Gadget NULL Pointer Dereference

Accelerating Articul8’s domain-specific model development with Amazon SageMaker HyperPod

Cisco AnyConnect VPN Server Vulnerability Let Attackers Trigger DoS Attack

CVE-2025-48064 – GitHub Desktop Windows Network Share Path Traversal Information Disclosure

CVE-2025-47535 – Opal Woo Custom Product Variation Path Traversal

Related Posts