Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2025
CVE-2025-4964
The WP Online Users Stats plugin for WordPress is vulnerable to time-based SQL Injection via the ‘table_name’ parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVSS Score
4.9
EPSS Score
0.002
Published
2025-06-06
CVE-2025-4966
The WP Online Users Stats plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation within the hk_dataset_results() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-06-06
CVE-2025-48906
Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-06-06
CVE-2025-48907
Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-06-06
CVE-2025-48908
Ability Auto Startup service vulnerability in the foundation process Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-06-06
CVE-2025-48909
Bypass vulnerability in the device management channel Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-06-06
CVE-2025-48910
Buffer overflow vulnerability in the DFile module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-06-06
CVE-2025-48911
Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-06-06
CVE-2025-48902
Vulnerability of uncontrolled system resource applications in the setting module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.6
EPSS Score
0.0
Published
2025-06-06
CVE-2025-48903
Permission bypass vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-06-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved