Urgent Cybersecurity Patches: Are You Safe?


Daily Cybersecurity Round-Up: Android Patches, WordPress Vulnerabilities and More

Welcome to today’s cybersecurity briefing – a chance for a friendly chat about some big updates that are shaking up the digital world. From Google’s latest Android Security Bulletin to critical WordPress plugin vulnerabilities and cyber attacks disrupting retail and public utilities, there’s plenty to sink your teeth into.

Android Security Bulletin in May 2025

Google’s May 2025 Android Security Bulletin has addressed a whopping 46 vulnerabilities. Among the fixes is CVE-2025-27363, a high-risk flaw that’s already been exploited in targeted attacks. This latest round of patches reinforces the importance of keeping your mobile devices updated – a tip that’s as timeless as a good cuppa. It’s a reminder that even the latest mobile operating systems can have their off days.

WordPress Plugin Vulnerabilities Under the Microscope

Several WordPress plugins have been found to harbour serious vulnerabilities, throwing a spanner in the works for website administrators:

  • Woocommerce Multiple Addresses Privilege Escalation (CVE-2025-4335): Versions up to 1.0.7.1 allow authenticated users, even those with only Subscriber-level access, to elevate their privileges to administrator status. This critical flaw (severity 8.8) underscores the importance of diligent plugin management.
  • PeproDev Ultimate Profile Solutions Unauthenticated Data Modification (CVE-2025-3921): A missing capability check in the handel_ajax_req() function in versions 1.9.1 to 7.5.2 enables unauthenticated users to alter metadata and possibly block administrators from accessing their sites. The severity here is a high 8.2.
  • WPshop E-Commerce Privilege Escalation (CVE-2025-3852): From version 2.0.0 to 2.6.0, a flaw in the update() function can allow attackers to change user details without proper validation. Again, this is a high severity (8.8) issue, paving the way for account takeover exploits.
  • PeproDev Ultimate Profile Solutions Authentication Bypass (CVE-2025-3844): Another issue in the same PeproDev plugin, where inadequate restrictions on change_user_meta allow attackers to bypass authentication entirely, hitting a critical severity of 9.8.
  • PGS Core Plugin PHP Object Injection (CVE-2025-0855): This vulnerability in the WordPress PGS Core plugin permits unauthenticated attackers to perform PHP object injection – a critical flaw (9.8) that could lead to file deletion, data theft or even remote code execution if coupled with additional weaknesses.
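An added example (not from the original post or any plugin vendor): a small Python check that compares an installed-plugin inventory against the three version ranges quoted in the list above. The plugin slugs and the sample inventory are assumptions made up for illustration; the ranges and CVE numbers are the ones given in the text.

```python
import re

# Affected ranges exactly as quoted in the list above: (CVE, lowest, highest).
# The dictionary keys are assumed plugin slugs, not taken from the article.
AFFECTED = {
    "woocommerce-multiple-addresses": ("CVE-2025-4335", None, "1.0.7.1"),
    "peprodev-ups": ("CVE-2025-3921", "1.9.1", "7.5.2"),
    "wpshop": ("CVE-2025-3852", "2.0.0", "2.6.0"),
}

def parse_version(text):
    """Return a tuple of ints for a dotted version, or None if unparseable."""
    core = re.split(r"[-+]", text.strip(), maxsplit=1)[0]  # drop -beta, +build
    if not re.fullmatch(r"\d+(\.\d+)*", core):
        return None
    return tuple(int(part) for part in core.split("."))

def compare(a, b):
    """Compare version tuples, zero-padding so that 2.6 equals 2.6.0."""
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return (a > b) - (a < b)

def check(inventory):
    """Map each listed plugin found in the inventory to (status, CVE)."""
    findings = {}
    for slug, installed in inventory.items():
        if slug not in AFFECTED:
            continue
        cve, low, high = AFFECTED[slug]
        version = parse_version(installed)
        if version is None:
            findings[slug] = ("unknown", cve)  # unparseable: review by hand
            continue
        below = low is not None and compare(version, parse_version(low)) < 0
        above = compare(version, parse_version(high)) > 0
        findings[slug] = ("not-in-range" if below or above else "affected", cve)
    return findings

# Constructed inventory (slug -> installed version), for illustration only.
SAMPLE = {
    "woocommerce-multiple-addresses": "1.0.7",
    "peprodev-ups": "7.5.3",
    "wpshop": "2.6",
    "example-gallery": "5.3",
}

if __name__ == "__main__":
    for slug, (status, cve) in check(SAMPLE).items():
        print(f"{slug}: {status} ({cve})")
```

A "not-in-range" result covers only the CVE and range quoted here; the same plugin can carry other advisories, as the two PeproDev entries show.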

Other Network and Application Vulnerabilities

The cybersecurity landscape isn’t short of challenges, and other serious flaws have been identified:

  • Quarkus WebAuthn Default Endpoints (CVE-2024-12225): The default REST endpoints for user registration and login pose a risk by potentially allowing authentication bypass – a critical issue with a severity of 9.1.
  • goshs Command Injection (CVE-2025-46816): In goshs, a SimpleHTTPServer written in Go, improper checks in the dispatchReadPump function allow arbitrary command execution. The issue is fixed in version 1.0.5, and administrators should update without delay.
  • ZITADEL IdP Intent Session Token Abuse (CVE-2025-46815): This flaw potentially lets attackers reuse session tokens to impersonate users, though multi-factor authentication remains a solid shield. Severity here is a solid 8.0.
  • Kibana Prototype Pollution (CVE-2025-25014): A vulnerability leading to arbitrary code execution via crafted HTTP requests, reflecting the continuing trend of Prototype Pollution issues.
  • vLLM ZeroMQ Remote Code Execution (CVE-2025-30165): Like a plot twist in a cybersecurity thriller, this vulnerability in the V0 engine of vLLM (used for large language models) could allow remote code execution if an attacker intercepts inter-node communication. However, the less commonly used pattern and the existence of the safer V1 engine provide some relief.
  • Tenda AC8 Buffer Overflow (CVE-2025-4368): A critical buffer overflow in the Tenda AC8 router (version 16.03.34.06) now stands as a reminder of why network device security remains paramount.
  • Dell Storage Center Authentication and XML Vulnerabilities (CVE-2025-22477 and CVE-2025-22478): Both vulnerabilities in Dell Storage Manager (version 20.1.20) present risks of privilege escalation and information disclosure. An attacker with adjacent network access might exploit them if they are not properly mitigated.
  • Tenda DAP-1520 Vulnerabilities (CVE-2025-4356, CVE-2025-4355 and CVE-2025-4354): Multiple critical vulnerabilities, including stack-based and heap-based buffer overflows, have been disclosed in Tenda’s DAP-1520 firmware. With exploits now public, these are issues that require urgent updates to avoid remote attacks.

Cyber Threats and Attack Trends

There are also some noteworthy trends on the threat landscape. A hacking group known as Scattered Spider, notorious for causing disruption on the Las Vegas Strip, is now suspected of involvement in recent attacks on UK retailers. Meanwhile, cyber attacks have also hit Canadian power utilities such as Emera and Nova Scotia, forcing shutdowns of critical business application servers. In another incident, flaws in Samsung MagicINFO and GeoVision IoT systems have been exploited to deploy the infamous Mirai botnet.

Staying Secure in a Dynamic Cyber Landscape

It might feel like trying to keep up with a merry-go-round that won’t stop spinning, but keeping systems updated and following best practices is more important than ever. Whether you’re running a business or managing personal devices, regular patching, robust authentication strategies, and the use of multi-factor authentication go a long way in mitigating these emerging threats. For businesses in Yorkshire and across the UK, Synergos Consultancy is ready to help navigate these complexities – offering expert guidance on ISO certifications, GDPR compliance, and more without the fuss.

As always, make sure your software is up-to-date, your networks segmented, and your credentials robust and unique. With each new bulletin and vulnerability report, the cybersecurity community grows wiser and more resilient – a testament to our shared determination to keep the digital ecosystem secure.


Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.