CVE-2025-1327
Published 2025-05-02
Priority: P4 (21), medium, CVSS 3.1 base score 4.3
Vector: AV:N / AC:L / PR:L / UI:N / S:U / C:N / I:L / A:N
EPSS: 0.20% (10.0th percentile)
The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the 'homey_delete_user_account' action due to missing validation on a user-controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other users' accounts.
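The root cause named above (the account to delete is chosen by a request parameter that is never tied to the caller) is the classic admin-ajax IDOR. The following is an added illustration of that pattern beside a hardened handler; it is not the Homey theme's code, and the function names, nonce action names and the `user_id` field are hypothetical.

```php
<?php
// Added example, not code from the Homey theme. Handler and nonce names are
// hypothetical; the pattern is the one the advisory describes.

// VULNERABLE pattern: the object (which user to delete) comes from a
// client-controlled key. Any logged-in user can reach admin-ajax.php, so a
// Subscriber can simply post someone else's user_id.
function example_delete_account_vulnerable() {
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'not logged in', 401 ); // wp_send_json_error() dies
    }
    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0; // attacker-chosen
    require_once ABSPATH . 'wp-admin/includes/user.php';                    // defines wp_delete_user()
    wp_delete_user( $user_id );                                              // deletes whoever was named
    wp_send_json_success();
}
add_action( 'wp_ajax_example_delete_account_vulnerable', 'example_delete_account_vulnerable' );

// HARDENED self-service pattern: the request does not get to choose the object.
// Identity comes from the authenticated session, a nonce blocks CSRF, and
// privileged accounts are refused on a self-service endpoint.
function example_delete_account_hardened() {
    check_ajax_referer( 'example_delete_account', 'security' ); // dies on a bad or missing nonce

    $user_id = get_current_user_id(); // the ONLY account this caller may delete
    if ( 0 === $user_id ) {
        wp_send_json_error( 'not logged in', 401 );
    }
    if ( user_can( $user_id, 'manage_options' ) || is_super_admin( $user_id ) ) {
        wp_send_json_error( 'administrators cannot self-delete here', 403 );
    }

    require_once ABSPATH . 'wp-admin/includes/user.php';
    if ( ! wp_delete_user( $user_id ) ) {
        wp_send_json_error( 'deletion failed', 500 );
    }
    wp_logout();
    wp_send_json_success();
}
add_action( 'wp_ajax_example_delete_account_hardened', 'example_delete_account_hardened' );

// If a variant MUST accept a user_id (an admin tool), the fix is still not
// "validate the key": it is an authorization check on the caller, plus a
// nonce, plus refusing self-deletion so an admin cannot lock everyone out.
function example_admin_delete_user() {
    check_ajax_referer( 'example_admin_delete_user', 'security' );
    if ( ! current_user_can( 'delete_users' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $target = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    if ( 0 === $target || get_current_user_id() === $target ) {
        wp_send_json_error( 'invalid target', 400 );
    }
    require_once ABSPATH . 'wp-admin/includes/user.php';
    wp_delete_user( $target );
    wp_send_json_success();
}
add_action( 'wp_ajax_example_admin_delete_user', 'example_admin_delete_user' );
```

When auditing a theme or plugin for this class of bug, grep every `wp_ajax_*` callback for `$_POST`/`$_GET` values that end up in `wp_delete_user()`, `wp_update_user()` or a post/meta write, and ask whether the callback ever compares that value to `get_current_user_id()` or checks a capability on the caller. A `check_ajax_referer()` call alone does not fix an IDOR: a nonce proves the request came from the logged-in user's own session, not that the user is allowed to touch the object named in it.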
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fave_themes | homey | <= 2.4.4 | — |
| favethemes | homey | < 2.4.5 | 2.4.5 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
GHSA
Keycloak has debug default bind address
ghsa·2025-12-02
CVE-2025-11538 [MEDIUM] CWE-1327 Keycloak has debug default bind address
A vulnerability exists in Keycloak's server distribution where enabling debug mode (`--debug`) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (`0.0.0.0`). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine.
Red Hat evaluates this as a Moderate impact vulnerability due to the requirement of running debug mode on an untrusted network. Also, for Red Hat Single Sign-On, the debug port must additionally be bound explicitly to the 0.0.0.0 address, which is not recommended in production scenarios.
GHSA
GHSA-mvp9-jcp7-42x3
ghsa_unreviewed·2025-05-02
CVE-2025-1327 [MEDIUM] CWE-639 GHSA-mvp9-jcp7-42x3
The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the 'homey_delete_user_account' action due to missing validation on a user-controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete other users' accounts.
Red Hat
keycloak-server: Debug default bind address
vendor_redhat·2025-11-13·CVSS 6.8
CVE-2025-11538 [MEDIUM] CWE-1327 keycloak-server: Debug default bind address
A vulnerability exists in Keycloak's server distribution where enabling debug mode (--debug) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine.
Microsoft
OmniParser Remote Code Execution Vulnerability
vendor_msrc·2025-09-09·CVSS 7.3
CVE-2025-55322 [HIGH] CWE-1327 OmniParser Remote Code Execution Vulnerability
Description: Binding to an unrestricted IP address in GitHub allows an unauthorized attacker to execute code over a network.
FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?
While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.
Customer Action Required: Yes
Impact: Remote Code Execution
Exploit Status: Publicly Disclosed: No; Exploited: No; Latest Software Relea
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.