CVE-2025-52718 – Bearsthemes Alone Code Injection Vulnerability

July 4, 2025

CVE ID : CVE-2025-52718

Published : July 4, 2025, 12:15 p.m. | 2 hours ago

Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in Bearsthemes Alone allows Remote Code Inclusion. This issue affects Alone: from n/a through 7.8.2.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52796 – WordPress WP-Recall Cross-site Scripting

Next Article CVE-2025-50032 – Paytiko for WooCommerce Missing Authorization Vulnerability

Highlights

CVE-2025-6752 – Linksys UPnP Stack-Based Buffer Overflow Vulnerability

June 27, 2025

CVE ID : CVE-2025-6752

Published : June 27, 2025, 4:16 a.m. | 1 hour, 29 minutes ago

Description : A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file /upnp/control/Layer3Forwarding of the component IGD. The manipulation of the argument NewDefaultConnectionService leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

Laravel in the First Half of 2025

Laravel in the First Half of 2025

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

GOnnect – easy to use VoIP client

GOnnect – easy to use VoIP client

Gnuinos – spin of Devuan Linux

5 Best Free and Open Source Backend Electronic Circuit Simulators

CVE-2025-52718 – Bearsthemes Alone Code Injection Vulnerability

CVE-2025-23970 – Aonetheme Service Finder Booking Privilege Escalation

CVE-2025-24780 – Printcart Web to Print Product Designer for WooCommerce SQL Injection

Need to relax? This new iPhone feature does the trick for me – here’s how

kalynasolutions/laravel-tus

Ubuntu 25.04 Upgrades Set to Go Live Again Soon

7 types of web design, How to make?

CVE-2025-6752 – Linksys UPnP Stack-Based Buffer Overflow Vulnerability

Digital Supply Chain and Logistics Solutions | NAV IT Consulting

CVE-2022-44609 – Apache HTTP Server Remote Code Execution

Gemini for kids is rolling out, and it comes with 3 warnings from Google

CVE-2025-52718 – Bearsthemes Alone Code Injection Vulnerability

Related Posts