CVE ID : CVE-2025-5058

Published : May 24, 2025, 4:15 a.m. | 38 minutes ago

Description : The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_image() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible. This is only exploitable by unauthenticated attackers in default configurations where the the default password is left as 1:1, or where the attacker gains access to the credentials.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47512

Published : May 23, 2025, 1:15 p.m. | 15 hours, 14 minutes ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in tainacan Tainacan allows Path Traversal. This issue affects Tainacan: from n/a through 0.21.14.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47530

Published : May 23, 2025, 1:15 p.m. | 15 hours, 14 minutes ago

Description : Deserialization of Untrusted Data vulnerability in WPFunnels WPFunnels allows Object Injection. This issue affects WPFunnels: from n/a through 3.5.18.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-47532

Published : May 23, 2025, 1:15 p.m. | 15 hours, 14 minutes ago

Description : Deserialization of Untrusted Data vulnerability in CoinPayments CoinPayments.net Payment Gateway for WooCommerce allows Object Injection. This issue affects CoinPayments.net Payment Gateway for WooCommerce: from n/a through 1.0.17.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The latest version of SteamOS has finally made it available to other handhelds, including the partnered Lenovo Legion Go S,…

Microsoft’s latest AI model, Aurora, is designed to help provide detailed and accurate weather forecasts. It can generate accurate 10-day…

Former OpenAI chief scientist Ilya Sutskever reportedly expressed concerns about AGI, proposing “a doomsday bunker” to seek refuge in an…

NVIDIA GeForce Now has become my favorite gaming service, surpassing even Xbox Game Pass in streaming quality and convenience. Right…

Anticheat is the biggest issue for anyone playing games on Steam Deck, but fortunately, signs all point to good for…

Windows 11’s Snipping Tool may soon support GIF recording and export, giving users a fast way to create shareable content.…

Xbox Game Pass deals are hard to come by lately, but thankfully there’s a loophole working again that gets you…

PlayStation and Shift Up’s action title Stellar Blade is heading to Windows PC, so here are the requirements you’ll need…

HoYoverse has announced the full release date for the Xbox Series X|S and Xbox Cloud Gaming port of Zenless Zone…

An A24 Elden Ring movie is officially in the works, and it’s got a director, too. But with how core…

Why would you choose to render DOOM: The Dark Ages at 360p? Or worse, 240p? With DLSS 4 doing the…

The Beelink EQI12 is a fantastic little computer that can handle your work, school, or home workloads with ease. Right…

A new leak about Resident Evil 9 suggests it was originally going to be an open-world multiplayer title, though it…

Sony WH-1000XM4 Wireless Premium Noise Canceling are $120 off with this Memorial Day deal. They’re an excellent choice, especially at…

EA and DICE’s Star Wars Battlefront 2 is going the biggest resurgence it’s had in years right now, and you…

Learn about the new Baseline support in VS Code Source: web.dev: Blog