How severe is CVE-2025-2043?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2025-2043?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2025-2043 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2016-9263

MEDIUM

CVSS:4.7(Medium)

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained with...

CWE-202016

CVE-2017-0354

MEDIUM

CVSS:4.7(Medium)

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under...

CWE-202017

CVE-2017-15333

MEDIUM

CVSS:4.7(Medium)

XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V...

CWE-202017

CVE-2017-15346

MEDIUM

CVSS:4.7(Medium)

CWE-202017

CVE-2017-18103

MEDIUM

CVSS:4.7(Medium)

The atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a c...

CWE-202017

CVE-2017-18430

MEDIUM

CVSS:4.7(Medium)

In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).

CWE-202017