How severe is CVE-2025-45529?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2025-45529?

This is classified as CWE-552, which is a common weakness in software security.

CVE-2025-45529

HIGH Year: 2025

CVSS v3 Score

7.1

High

Weakness Type

CWE-552

View all →

Vulnerability Description

An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.

CVE-2023-2976

HIGH

CVSS:7.1(High)

Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps ...

CWE-5522023

CVE-2025-21264

HIGH

CVSS:7.1(High)

Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

CWE-5522025

CVE-2020-12470

HIGH

CVSS:7.2(High)

MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.

CWE-5522020

CVE-2022-29446

HIGH

CVSS:7.2(High)

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress.

CWE-5522022

CVE-2022-29447

HIGH

CVSS:7.2(High)

Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress.

CWE-5522022

CVE-2023-1124

HIGH

CVSS:7.2(High)

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

CWE-5522023

CVE-2025-45529

Vulnerability Description

Related Vulnerabilities

CVE-2023-2976

CVE-2025-21264

CVE-2020-12470

CVE-2022-29446

CVE-2022-29447

CVE-2023-1124