ByteOS Network

Saad Iqbal

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

4Vulnerabilities found

CVE-2025-48142

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-8.8||HIGH

EPSS-0.04% / 12.28%

7 Day CHG~0.00%

Published-20 Aug, 2025 | 08:03

Updated-20 Aug, 2025 | 14:39

WordPress Bookify <= 1.0.9 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Saad Iqbal Bookify allows Privilege Escalation. This issue affects Bookify: from n/a through 1.0.9.

Vendor-Saad Iqbal

Product-Bookify

CWE ID-CWE-266

Incorrect Privilege Assignment

CVE-2025-54668

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.03% / 7.89%

7 Day CHG~0.00%

Published-14 Aug, 2025 | 10:34

Updated-14 Aug, 2025 | 14:42

WordPress myCred Plugin plugin <= 2.9.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred allows Stored XSS. This issue affects myCred: from n/a through 2.9.4.3.

Vendor-Saad Iqbal

Product-myCred

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2025-54667

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.3||MEDIUM

EPSS-0.03% / 8.13%

7 Day CHG+0.01%

Published-14 Aug, 2025 | 10:34

Updated-14 Aug, 2025 | 14:42

WordPress myCred Plugin plugin <= 2.9.4.3 - Race Condition Vulnerability

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Saad Iqbal myCred allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue affects myCred: from n/a through 2.9.4.3.

Vendor-Saad Iqbal

Product-myCred

CWE ID-CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CVE-2025-47688

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.3||MEDIUM

EPSS-0.05% / 13.34%

7 Day CHG~0.00%

Published-07 May, 2025 | 14:20

Updated-23 May, 2025 | 12:46

WordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability

Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Advanced File Manager: from n/a through 5.3.1.

Vendor-advancedfilemanager Saad Iqbal

Product-advanced_file_manager Advanced File Manager

CWE ID-CWE-862

Missing Authorization