General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-3125 | An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonA… | Medium (6.7) | 2025-11-05 | General-Purpose |
| CVE-2025-12497 | The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Local File Inclusion in all versio… | High (8.1) | 2025-11-05 | General-Purpose |
| CVE-2025-11745 | The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom… | Medium (6.4) | 2025-11-05 | General-Purpose |
| CVE-2025-58337 | An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control,… | Medium (5.4) | 2025-11-05 | General-Purpose |
| CVE-2025-12469 | The FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce plugin for WordPress is vuln… | Medium (4.3) | 2025-11-05 | General-Purpose |