In This Week’s Advisory:

  • Fluent Bit Patches Five Vulnerabilities That Could Lead to Cloud Takeover
  • Android December Security Bulletin Released
  • MariaDB Patches RCE Vulnerability
  • WordPress Design Themes LMS Plugin Vulnerable to Privilege Escalation
  • Critical King Addons Vulnerability Exploited to Hack WordPress Sites

Fluent Bit Patches Five Vulnerabilities That Could Lead to Cloud Takeover

Fluent Bit is a log processor and forwarder used in cloud and containerized environments to collect data from many sources and route it to a chosen destination; it is widely deployed on AWS, Google Cloud, Azure and alongside Docker. The five patched vulnerabilities cover path traversal, remote code execution, buffer overflows and spoofing. Because Fluent Bit typically runs as an agent on every node of a cluster, a compromised instance gives an attacker a broad foothold in the environment.

Affected Versions

Fluent Bit versions before 4.1.1 and, on the 4.0 branch, before 4.0.12.

Recommendations

  • Upgrade to Fluent Bit 4.1.1 (or 4.0.12 on the 4.0 branch) or later.

More Reading / Information

Android December Security Bulletin Released

Google has released the December Android Security Bulletin, which addresses more than 100 vulnerabilities, including two that are being exploited in the wild. Those two, CVE-2025-48633 and CVE-2025-48572, affect Android 13 through 16 and allow privilege escalation. About half of the vulnerabilities in the bulletin affect the Framework and System components.

Affected Versions

  • A full list of affected versions can be found here.

Recommendations

  • Apply the December security patch level as soon as your device vendor makes it available.

More Reading / Information

MariaDB Patches RCE Vulnerability

MariaDB is an open source database management system accessed through an SQL interface. Its developers have patched a vulnerability that allows a remote user to execute code on affected versions; the flaw is triggered through interaction with the mariadb-dump utility. Users are strongly advised to update to a patched version.

Affected Versions

  • MariaDB 10.6 before 10.6.24, 10.11 before 10.11.15, 11.4 before 11.4.9, and 11.8 before 11.8.4.

Recommendations

  • Update to MariaDB 10.6.24, 10.11.15, 11.4.9, or 11.8.4.

More Reading / Information

  • https://jira.mariadb.org/browse/MDEV-37483

WordPress Design Themes LMS Plugin Vulnerable to Privilege Escalation

The DesignThemes LMS plugin for WordPress is vulnerable to privilege escalation in all versions up to and including 1.0.4. Tracked as CVE-2025-13542 (CVSS 9.8), the flaw exists because the ‘dtlms_register_user_front_end’ function does not restrict which role a user may register with. An unauthenticated attacker can therefore supply the ‘administrator’ role during registration and obtain administrator access to the site. Because the attacker ends up with a legitimate administrator account, patching alone is not enough: review the site’s user list for unexpected administrators created while the vulnerable version was installed.
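
The bug class here is role mass-assignment at self-registration. The following is an added illustration written for this advisory, not the DesignThemes LMS plugin’s own code: a hypothetical front-end registration handler in the vulnerable shape the advisory describes (the role submitted by the client is trusted) beside a hardened form. Only the function name dtlms_register_user_front_end comes from the advisory; the request field names, the nonce action and the ‘student’ role are assumptions. It is meant to run inside WordPress, since wp_insert_user(), get_option(), wp_verify_nonce(), the sanitize_*() helpers, WP_User and WP_Error are core WordPress APIs.

```php
<?php
/*
 * Added example, not the DesignThemes LMS plugin's code. Shows the bug class
 * behind CVE-2025-13542 (client-chosen role at registration) next to a
 * hardened form. Runs inside WordPress: wp_insert_user(), get_option(),
 * wp_verify_nonce(), sanitize_user(), sanitize_email(), WP_User and WP_Error
 * are WordPress core APIs. Field names, the nonce action and the 'student'
 * role are assumptions made for this example.
 */

/**
 * VULNERABLE shape, as the advisory describes it: the role supplied in the
 * request is handed straight to wp_insert_user(). An unauthenticated
 * POST with role=administrator therefore yields an administrator account.
 */
function dtlms_register_user_front_end_vulnerable() {
    $userdata = array(
        'user_login' => sanitize_user( $_POST['username'] ?? '' ),
        'user_email' => sanitize_email( $_POST['email'] ?? '' ),
        'user_pass'  => $_POST['password'] ?? '',
        // The bug: attacker-controlled role, no allow-list. Sanitizing the
        // string does nothing here; 'administrator' is a perfectly clean value.
        'role'       => sanitize_text_field( $_POST['role'] ?? 'subscriber' ),
    );
    return wp_insert_user( $userdata );
}

/**
 * Decide which role a self-registration may receive. Only an explicit
 * allow-list of low-privilege roles is honoured; anything else (including
 * 'administrator') falls back to the site's default role, and the default
 * itself is replaced by 'subscriber' if it is not on the allow-list either.
 */
function dtlms_pick_registration_role( $requested, $default_role, array $allowed = array( 'subscriber', 'student' ) ) {
    if ( is_string( $requested ) && in_array( $requested, $allowed, true ) ) {
        return $requested;
    }
    return in_array( $default_role, $allowed, true ) ? $default_role : 'subscriber';
}

/**
 * HARDENED form: the request must carry a valid nonce, registration must be
 * enabled site-wide, and the role is chosen server-side regardless of what
 * the client sends.
 */
function dtlms_register_user_front_end_hardened() {
    if ( empty( $_POST['dtlms_nonce'] )
        || ! wp_verify_nonce( $_POST['dtlms_nonce'], 'dtlms_register' ) ) {
        return new WP_Error( 'dtlms_bad_nonce', 'Invalid registration request.' );
    }
    if ( ! get_option( 'users_can_register' ) ) {
        return new WP_Error( 'dtlms_closed', 'Registration is disabled.' );
    }

    $role = dtlms_pick_registration_role(
        $_POST['role'] ?? null,
        get_option( 'default_role', 'subscriber' )
    );

    $userdata = array(
        'user_login' => sanitize_user( $_POST['username'] ?? '', true ),
        'user_email' => sanitize_email( $_POST['email'] ?? '' ),
        'user_pass'  => $_POST['password'] ?? '', // wp_insert_user() hashes it
        'role'       => $role,
    );
    $user_id = wp_insert_user( $userdata );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    // Belt and braces: make sure no other hook left extra capabilities on the
    // new account, whatever else ran during wp_insert_user().
    $user = new WP_User( $user_id );
    $user->set_role( $role );
    return $user_id;
}
```

Wire the hardened function to whatever form or AJAX action the plugin already uses (the advisory does not name the hook, so none is shown). The point to keep is that the role never originates from the request: the allow-list function is the only place a role value is chosen. After patching a real site, also audit for accounts the attacker may already have created: rows in wp_usermeta (prefix ‘wp_’ by default) with meta_key ‘wp_capabilities’ and a value containing ‘administrator’ enumerate every administrator, and any created while the vulnerable version was installed should be treated as hostile.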

Affected Versions

  • 1.0.4 and below

Recommendations

  • Update to version 1.0.5 or later.

More Reading / Information

Critical King Addons Vulnerability Exploited to Hack WordPress Sites

Threat actors are compromising WordPress sites through a recently disclosed vulnerability in King Addons for Elementor. Tracked as CVE-2025-8489 (CVSS 9.8), the critical-severity flaw is a privilege escalation issue that lets attackers obtain administrator privileges. It affects versions 24.12.92 through 51.1.14; the plugin’s maintainers patched it in version 51.1.35, released on September 25. Since an administrator account gives full control of a WordPress site, successful exploitation leads to complete site compromise.

Affected Versions

  • Versions 24.12.92 to 51.1.14

Recommendations

  • Update to version 51.1.35 or later. Because this flaw is being actively exploited, also review affected sites for unexpected administrator accounts and other signs of compromise rather than assuming the update alone is sufficient.

More Reading / Information

  • https://www.securityweek.com/critical-king-addons-vulnerability-exploited-to-hack-wordpress-sites/

Recommendations

Please review your environment to ensure the issues above are patched in a timely manner. Regularly updating and patching software to the latest versions is security best practice. These vulnerabilities also highlight the benefit of limiting deployed software to vendor-supported versions only, which greatly increases the likelihood that a patch is issued when a new vulnerability is found. Likewise, CyberMaxx strongly encourages maintaining an inventory of the software in your environment; it is the foundation that informs an effective patch and vulnerability management program.