ICS: Johnson Controls ICU Vulnerability

April 25, 2025

Multiple IBM Products Vulnerabilities

April 25, 2025

Multiple WordPress Plugins Vulnerabilities

April 25, 2025

Severity

Medium

Analysis Summary

CVE-2025-46535 CVSS:5.4

Missing Authorization vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom Login and Registration: from n/a through 1.0.0.

CVE-2025-46482 CVSS:6.5

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MyThemeShop WP Quiz allows Stored XSS.This issue affects WP Quiz: from n/a through 2.0.10.

Impact

Gain Access
Cross-site Scripting

Indicators of Compromise

CVE

CVE-2025-46535
CVE-2025-46482

Affected Vendors

WordPress

Affected Products

AlphaEfficiencyTeam Custom Login and Registration - n/a
MyThemeShop WP Quiz - n/a

Remediation

Upgrade to the latest version for WordPress, available from the WordPress Plugin Directory.

CVE-2025-46535

CVE-2025-46482

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

ICS: Johnson Controls ICU Vulnerability

Multiple IBM Products Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.