Critical Vulnerabilities Exposed: Act Now!

Below is an overview of several critical vulnerabilities that have recently been disclosed. This summary includes details such as the CVE ID, a brief description of each issue, and the severity rating. For full details and updates, you can check the respective vendor advisories and the National Vulnerability Database.

──────────────────────────────
1. GitLab – CVE-2025-9642
• Issue: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting).
• Affected Versions: GitLab CE/EE from 14.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1.
• Impact: An attacker may inject malicious content that could lead to account takeover.
• Severity: 8.7 (HIGH)
• More info: [NVD – CVE-2025-9642](https://nvd.nist.gov/vuln/detail/CVE-2025-9642) | [GitLab Release Notes](https://about.gitlab.com/releases/)

──────────────────────────────
2. WordPress WooCommerce Designer Pro Plugin – CVE-2025-60219
• Issue: Unrestricted file upload allowing dangerous file types, enabling an attacker to upload a web shell.
• Affected Versions: WooCommerce Designer Pro: from n/a through 1.9.24.
• Severity: 10.0 (CRITICAL)
• More info: [NVD – CVE-2025-60219](https://nvd.nist.gov/vuln/detail/CVE-2025-60219)

──────────────────────────────
3. WordPress AR For WordPress Plugin – CVE-2025-60156
• Issue: Cross-Site Request Forgery (CSRF) that may allow an attacker to upload a web shell.
• Affected Versions: AR For WordPress: from n/a through 7.98.
• Severity: 9.6 (CRITICAL)
• More info: [NVD – CVE-2025-60156](https://nvd.nist.gov/vuln/detail/CVE-2025-60156)

──────────────────────────────
4. WordPress Testimonial Slider Plugin – CVE-2025-60126
• Issue: PHP Local File Inclusion through improper filename handling in include/require statements.
• Affected Versions: Testimonial Slider: from n/a through 3.5.8.6.
• Severity: 8.8 (HIGH)
• More info: [NVD – CVE-2025-60126](https://nvd.nist.gov/vuln/detail/CVE-2025-60126)

──────────────────────────────
5. WordPress PGS Core Plugin – CVE-2025-60118
• Issue: SQL Injection due to improper neutralization of SQL special elements.
• Affected Versions: PGS Core: from n/a through 5.9.0.
• Severity: 8.5 (HIGH)
• More info: [NVD – CVE-2025-60118](https://nvd.nist.gov/vuln/detail/CVE-2025-60118)

──────────────────────────────
6. WordPress LambertGroup – AllInOne Content Slider Plugin – CVE-2025-60109
• Issue: Blind SQL Injection vulnerability stemming from improper handling of special SQL elements.
• Affected Versions: LambertGroup – AllInOne – Content Slider: from n/a through 3.8.
• Severity: 8.5 (HIGH)
• More info: [NVD – CVE-2025-60109](https://nvd.nist.gov/vuln/detail/CVE-2025-60109)

──────────────────────────────
7. WordPress AllInOne Banner Rotator Plugin – CVE-2025-60110
• Issue: SQL Injection vulnerability allowing unauthenticated intervention via SQL command manipulation.
• Affected Versions: AllInOne – Banner Rotator: from n/a through 3.8.
• Severity: 8.5 (HIGH)
• More info: [NVD – CVE-2025-60110](https://nvd.nist.gov/vuln/detail/CVE-2025-60110)

──────────────────────────────
8. WordPress Javo Core Plugin – CVE-2025-60111
• Issue: CSRF vulnerability that may allow authentication bypass.
• Affected Versions: Javo Core: from n/a through 3.0.0.266.
• Severity: 8.8 (HIGH)
• More info: [NVD – CVE-2025-60111](https://nvd.nist.gov/vuln/detail/CVE-2025-60111)

──────────────────────────────
9. WordPress LambertGroup – AllInOne Banner with Playlist Plugin – CVE-2025-60107
• Issue: Blind SQL Injection caused by improper SQL special elements handling.
• Affected Versions: LambertGroup – AllInOne – Banner with Playlist: from n/a through 3.8.
• Severity: 8.5 (HIGH)
• More info: [NVD – CVE-2025-60107](https://nvd.nist.gov/vuln/detail/CVE-2025-60107)

──────────────────────────────
10. WordPress LambertGroup – AllInOne Banner with Thumbnails Plugin – CVE-2025-60108
• Issue: Blind SQL Injection vulnerability similar in nature to the playlist banner variant.
• Affected Versions: LambertGroup – AllInOne – Banner with Thumbnails: from n/a through 3.8.
• Severity: 8.5 (HIGH)
• More info: [NVD – CVE-2025-60108](https://nvd.nist.gov/vuln/detail/CVE-2025-60108)

──────────────────────────────
11. Cisco Vulnerabilities (e.g., ASA Firewall Zero-Day, Cisco ASA, FTD vulnerabilities CVE-2025-20333 and CVE-2025-20363)
• Issues: Multiple flaws affecting Cisco’s Adaptive Security Appliances and other firewall products. The vulnerabilities allow remote code execution and buffer overflow issues through improper validation of HTTP/HTTPS input.
• Impact: These vulnerabilities can lead to arbitrary code execution, complete device compromise, and are actively exploited by threat actors.
• Severity: Ranging up to 9.9 (CRITICAL)
• More info: [Cisco Security Advisories](https://tools.cisco.com/security/center/publicationListing.x) | [CISA Advisory on Cisco Zero-Days](https://www.cisa.gov/news/2023/05/23/cisa-alerts-federal-agencies-widespread-attacks-cisco-zero-days)

──────────────────────────────
12. Unitree Devices – CVE-2025-60017
• Issue: Root OS command injection via parameters in hostapd_restart.sh on Unitree Go2, G1, H1, and B2 devices.
• Impact: Successful exploitation grants full control over the device.
• Severity: 8.2 (HIGH)
• More info: [NVD – CVE-2025-60017](https://nvd.nist.gov/vuln/detail/CVE-2025-60017)

──────────────────────────────
13. TOTOLINK X6000R – CVE-2025-11005
• Issue: OS Command Injection vulnerability due to improper neutralization of special characters in the command parameters.
• Affected Versions: X6000R through V9.4.0cu.1458_B20250708.
• Severity: 9.3 (CRITICAL)
• More info: [NVD – CVE-2025-11005](https://nvd.nist.gov/vuln/detail/CVE-2025-11005)

──────────────────────────────
14. Zenitel Gateways – CVE-2025-59817 and CVE-2025-59816 & CVE-2025-59815 & CVE-2025-59814
• Issues:
– CVE-2025-59817: Authenticated Remote Code Execution in zForm_auto_config exposing full device control.
– CVE-2025-59816: Authenticated UNION-based SQL injection in the search field of the billing admin database exposing plaintext credentials.
– CVE-2025-59815: Authenticated Remote Code Execution in the Billing Administration portal.
– CVE-2025-59814: Unauthenticated SQL injection in the password field allowing full database read access.
• Severities: Ranging from 8.1 (HIGH) to 9.8 (CRITICAL)
• More info:
 • [NVD – CVE-2025-59817](https://nvd.nist.gov/vuln/detail/CVE-2025-59817)
 • [NVD – CVE-2025-59816](https://nvd.nist.gov/vuln/detail/CVE-2025-59816)
 • [NVD – CVE-2025-59815](https://nvd.nist.gov/vuln/detail/CVE-2025-59815)
 • [NVD – CVE-2025-59814](https://nvd.nist.gov/vuln/detail/CVE-2025-59814)

──────────────────────────────
15. Dingtian DT-R002 – CVE-2025-10880 and CVE-2025-10879
• Issues:
– CVE-2025-10880: Insufficiently Protected Credentials vulnerability exposing proprietary protocol passwords.
– CVE-2025-10879: Allows unauthenticated retrieval of a user’s username.
• Severity: Both at 8.7 (HIGH)
• More info:
 • [NVD – CVE-2025-10880](https://nvd.nist.gov/vuln/detail/CVE-2025-10880)
 • [NVD – CVE-2025-10879](https://nvd.nist.gov/vuln/detail/CVE-2025-10879)

──────────────────────────────
16. Nagios XI – CVE-2025-34227
• Issue: Authenticated command injection vulnerability within various database configuration wizards (MongoDB, MySQL, Postgres), allowing shell command execution as the nagios user.
• Affected Versions: Versions prior to 2026R1.
• Severity: 8.6 (HIGH)
• More info: [NVD – CVE-2025-34227](https://nvd.nist.gov/vuln/detail/CVE-2025-34227)

──────────────────────────────
17. FlagForgeCTF – CVE-2025-59841
• Issue: Improper session handling allowing continued access to protected endpoints after logout, including reuse of CSRF tokens.
• Affected Versions: 2.2.0 up to but not including 2.3.1.
• Severity: 9.8 (CRITICAL)
• More info: [NVD – CVE-2025-59841](https://nvd.nist.gov/vuln/detail/CVE-2025-59841)

──────────────────────────────
18. UTT Devices – CVE-2025-10953
• Issue: Buffer overflow in the /goform/formApMail file triggered through manipulation of the senderEmail parameter, allowing remote exploitation.
• Affected Versions: UTT 1200GW/1250GW up to specific versions disclosed.
• Severity: 9.0 (HIGH)
• More info: [NVD – CVE-2025-10953](https://nvd.nist.gov/vuln/detail/CVE-2025-10953)

──────────────────────────────
Additional Context and Cyber Alerts:
• Several advisories also mention active exploitation campaigns—ranging from attacks on Cisco ASA firewalls (with evidence of nation-state involvement) to extensive data breaches affecting nursery chains and other organizations.
• Keep an eye on industry sources such as the [Cisco Security Advisories](https://tools.cisco.com/security/center/publicationListing.x), [CISA alerts](https://www.cisa.gov/), and trusted cybersecurity news outlets for guidance and patch updates.

──────────────────────────────
Final Thoughts
Organizations using any affected products should act immediately to:
 – Review vendor advisories and update to patched versions.
 – Apply mitigations as recommended.
 – Monitor network traffic and logs for any signs of exploit activity.

For further reading on these issues and additional cybersecurity insights, consider exploring resources like the [National Vulnerability Database](https://nvd.nist.gov/), [Cisco Security Center](https://tools.cisco.com/security/center/publicationListing.x), and dedicated WordPress security blogs.

By staying informed and applying the necessary updates, you can significantly reduce the risk of exploitation from these vulnerabilities.