Threat Advisories - NVD Disclosed August 5, 2025

CVE-2012-10027

WordPress WP-Property plugin allows attackers to upload harmful files to take control of your website.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A WordPress plugin, WP-Property, has a serious flaw allowing attackers to upload malicious files and take over your website without needing a password. This could let them run any code they want on your server.

NVD published: August 5, 2025

CVE advisoryKnown Exploit

CVE-2025-54253

Adobe Experience Manager Forms Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

Adobe Experience Manager Forms is affected by a misconfiguration vulnerability that could allow an attacker to execute arbitrary code. This impacts systems and data, presenting a business risk due to potential unauthorized code execution and security bypass.

NVD published: August 5, 2025 • CISA KEV

CVE advisoryKnown Exploit

CVE-2025-54948

Trend Micro Apex One Management Console Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in Trend Micro Apex One's management console allows remote attackers to upload malicious code and execute commands, impacting affected installations and posing a business risk.

NVD published: August 5, 2025 • CISA KEV