High Vulnerabilities
| Primary Vendor — Product |
Description | Published | CVSS Score | Source Info |
|---|---|---|---|---|
| 70mai–M300 | A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation leads to use of default credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 2025-06-23 | 8.8 | CVE-2025-6529 |
| AcmeeDesign–WPShapere Lite | Cross-Site Request Forgery (CSRF) vulnerability in AcmeeDesign WPShapere Lite allows Stored XSS. This issue affects WPShapere Lite: from n/a through 1.4. | 2025-06-27 | 7.1 | CVE-2025-53317 |
| Adrian Tobey–FormLift for Infusionsoft Web Forms | Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Reflected XSS. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.20. | 2025-06-27 | 7.1 | CVE-2025-47654 |
| Advantech–Advantech Wireless Sensing and Equipment (WISE) | Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload firmware through a public update page, potentially leading to backdoor installation or privilege escalation. | 2025-06-24 | 9.6 | CVE-2025- […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Bulletins
Read the original article: Post navigation |