cvelistv5 - cve-2025-47688

CVE-2025-47688 (GCVE-0-2025-47688)

Vulnerability from cvelistv5 – Published: 2025-05-07 14:20 – Updated: 2025-05-07 18:07

Summary

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-862 - Missing Authorization

Assigner

Patchstack

References

URL

Tags

https://patchstack.com/database/wordpress/plugin/…

vdb-entry

Impacted products

	Vendor	Product	Version
	Saad Iqbal	Advanced File Manager	Affected: n/a , ≤ 5.3.1 (custom)

Credits

Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-47688",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-07T17:19:52.434977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-07T18:07:28.371Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://wordpress.org/plugins",
          "defaultStatus": "unaffected",
          "packageName": "file-manager-advanced",
          "product": "Advanced File Manager",
          "vendor": "Saad Iqbal",
          "versions": [
            {
              "lessThanOrEqual": "5.3.1",
              "status": "affected",
              "version": "n/a",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) (Patchstack Alliance)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMissing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Advanced File Manager: from n/a through 5.3.1.\u003c/p\u003e"
            }
          ],
          "value": "Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-180",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-07T14:20:56.807Z",
        "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "shortName": "Patchstack"
      },
      "references": [
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "WordPress Advanced File Manager plugin \u003c= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
    "assignerShortName": "Patchstack",
    "cveId": "CVE-2025-47688",
    "datePublished": "2025-05-07T14:20:56.807Z",
    "dateReserved": "2025-05-07T10:45:47.044Z",
    "dateUpdated": "2025-05-07T18:07:28.371Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-47688\",\"sourceIdentifier\":\"audit@patchstack.com\",\"published\":\"2025-05-07T15:16:20.743\",\"lastModified\":\"2025-05-23T12:46:47.047\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de falta de autorizaci\u00f3n en Saad Iqbal Advanced File Manager permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al Administrador de Archivos Avanzado desde la versi\u00f3n n/d hasta la 5.3.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"audit@patchstack.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"audit@patchstack.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:advancedfilemanager:advanced_file_manager:*:*:*:*:*:wordpress:*:*\",\"versionEndExcluding\":\"5.3.2\",\"matchCriteriaId\":\"6F3CBA69-CFA9-440B-BFDD-A74F9B68BCB1\"}]}]}],\"references\":[{\"url\":\"https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve\",\"source\":\"audit@patchstack.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"21595511-bba5-4825-b968-b78d1f9984a3\", \"shortName\": \"Patchstack\", \"dateUpdated\": \"2025-05-07T14:20:56.807Z\"}, \"title\": \"WordPress Advanced File Manager plugin \u003c= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability\", \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"impacts\": [{\"capecId\": \"CAPEC-180\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels\"}]}], \"affected\": [{\"vendor\": \"Saad Iqbal\", \"collectionURL\": \"https://wordpress.org/plugins\", \"defaultStatus\": \"unaffected\", \"packageName\": \"file-manager-advanced\", \"product\": \"Advanced File Manager\", \"versions\": [{\"lessThanOrEqual\": \"5.3.1\", \"status\": \"affected\", \"version\": \"n/a\", \"versionType\": \"custom\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.\", \"supportingMedia\": [{\"type\": \"text/html\", \"base64\": false, \"value\": \"\u003cp\u003eMissing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels.\u003c/p\u003e\u003cp\u003eThis issue affects Advanced File Manager: from n/a through 5.3.1.\u003c/p\u003e\"}]}], \"references\": [{\"tags\": [\"vdb-entry\"], \"url\": \"https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve\"}], \"metrics\": [{\"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}], \"cvssV3_1\": {\"baseScore\": 5.3, \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseSeverity\": \"MEDIUM\", \"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"version\": \"3.1\"}}], \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Tr\\u01b0\\u01a1ng H\\u1eefu Ph\\u00fac (truonghuuphuc) (Patchstack Alliance)\"}], \"source\": {\"discovery\": \"EXTERNAL\"}, \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-47688\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-07T17:19:52.434977Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-07T17:19:53.737Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-47688\", \"assignerOrgId\": \"21595511-bba5-4825-b968-b78d1f9984a3\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Patchstack\", \"dateReserved\": \"2025-05-07T10:45:47.044Z\", \"datePublished\": \"2025-05-07T14:20:56.807Z\", \"dateUpdated\": \"2025-05-07T18:07:28.371Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CNVD-2025-10407

Vulnerability from cnvd - Published: 2025-05-19

Title

WordPress Advanced File Manager plugin缺少授权漏洞

Description

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress plugin是一个应用插件。 WordPress Advanced File Manager plugin存在缺少授权漏洞，该漏洞源于缺少授权，攻击者可利用该漏洞利用错误配置修改控制安全级别。

Severity

中

Patch Name

WordPress Advanced File Manager plugin缺少授权漏洞的补丁

Patch Description

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress plugin是一个应用插件。 WordPress Advanced File Manager plugin存在缺少授权漏洞，该漏洞源于缺少授权，攻击者可利用该漏洞利用错误配置修改控制安全级别。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网： https://wordpress.org/plugins/file-manager-advanced/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2025-47688

Impacted products

Name
WordPress Advanced File Manager plugin <=5.3.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-47688",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-47688"
    }
  },
  "description": "WordPress\u548cWordPress plugin\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002 \n\nWordPress Advanced File Manager plugin\u5b58\u5728\u7f3a\u5c11\u6388\u6743\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f3a\u5c11\u6388\u6743\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5229\u7528\u9519\u8bef\u914d\u7f6e\u4fee\u6539\u63a7\u5236\u5b89\u5168\u7ea7\u522b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://wordpress.org/plugins/file-manager-advanced/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-10407",
  "openTime": "2025-05-19",
  "patchDescription": "WordPress\u548cWordPress plugin\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002 \r\n\r\nWordPress Advanced File Manager plugin\u5b58\u5728\u7f3a\u5c11\u6388\u6743\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f3a\u5c11\u6388\u6743\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5229\u7528\u9519\u8bef\u914d\u7f6e\u4fee\u6539\u63a7\u5236\u5b89\u5168\u7ea7\u522b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "WordPress Advanced File Manager plugin\u7f3a\u5c11\u6388\u6743\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "WordPress Advanced File Manager plugin \u003c=5.3.1"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-47688",
  "serverity": "\u4e2d",
  "submitTime": "2025-05-14",
  "title": "WordPress Advanced File Manager plugin\u7f3a\u5c11\u6388\u6743\u6f0f\u6d1e"
}

GHSA-5FQ6-9G2X-QXJ3

Vulnerability from github – Published: 2025-05-07 15:31 – Updated: 2025-05-07 15:31

Details

Severity ?

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-47688"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-862"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-07T15:16:20Z",
    "severity": "MODERATE"
  },
  "details": "Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.",
  "id": "GHSA-5fq6-9g2x-qxj3",
  "modified": "2025-05-07T15:31:49Z",
  "published": "2025-05-07T15:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47688"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2025-47688

Vulnerability from fkie_nvd - Published: 2025-05-07 15:16 - Updated: 2025-05-23 12:46

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	audit@patchstack.com	https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve	Third Party Advisory

Impacted products

	Vendor	Product	Version
	advancedfilemanager	advanced_file_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:advancedfilemanager:advanced_file_manager:*:*:*:*:*:wordpress:*:*",
              "matchCriteriaId": "6F3CBA69-CFA9-440B-BFDD-A74F9B68BCB1",
              "versionEndExcluding": "5.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de falta de autorizaci\u00f3n en Saad Iqbal Advanced File Manager permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta al Administrador de Archivos Avanzado desde la versi\u00f3n n/d hasta la 5.3.1."
    }
  ],
  "id": "CVE-2025-47688",
  "lastModified": "2025-05-23T12:46:47.047",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "audit@patchstack.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-05-07T15:16:20.743",
  "references": [
    {
      "source": "audit@patchstack.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://patchstack.com/database/wordpress/plugin/file-manager-advanced/vulnerability/wordpress-advanced-file-manager-plugin-5-3-1-broken-access-control-to-notice-dismissal-vulnerability?_s_id=cve"
    }
  ],
  "sourceIdentifier": "audit@patchstack.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "audit@patchstack.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-47688 (GCVE-0-2025-47688)

CNVD-2025-10407

GHSA-5FQ6-9G2X-QXJ3

FKIE_CVE-2025-47688

Tags

Sightings

Nomenclature