CVE-2025-30580

Published Apr 1, 2025

Last updated 3 days ago

CVSS critical 10.0

Overview

Description
Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound DigiWidgets Image Editor allows Remote Code Inclusion. This issue affects DigiWidgets Image Editor: from n/a through 1.10.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

audit@patchstack.com
CWE-94

Social media

Hype score
Not currently trending

  1. CVE-2025-30580 Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound DigiWidgets Image Editor allows Remote Code Inclusion. This issue affects DigiWidg… https://t.co/kPH4M7M4wV

    @CVEnew

    1 Apr 2025

    141 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References