| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-69380 | WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Download vulnerability | vanquish | Upload Files Anywhere | - | - | 2026-02-20 15:46:53 | Deep Dive |
| CVE-2025-69379 | WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerability | vanquish | Upload Files Anywhere | - | - | 2026-02-20 15:46:53 | Deep Dive |
| CVE-2026-1966 | YugabyteDB Anywhere Exposes LDAP Credentials in Cleartext in Web UI | YugabyteDB Inc | YugabyteDB Anywhere | - | - | 2026-02-05 11:38:28 | Deep Dive |
| CVE-2025-31046 | WordPress AnyWhere Elementor Pro plugin <= 2.29 - Broken Access Control Vulnerability | WPvibes | AnyWhere Elementor Pro | Medium | 4.3 | 2026-01-05 10:24:56 | Deep Dive |
| CVE-2025-42890 | Insecure key & Secret Management vulnerability in SQL Anywhere Monitor (Non-Gui) | SAP_SE | SQL Anywhere Monitor (Non-Gui) | Critical | 10.0 | 2025-11-11 00:15:29 | Deep Dive |
| CVE-2020-36851 | Rob--W / cors-anywhere Misconfigured CORS Proxy Allows SSRF | Rob--W / cors-anywhere | Rob--W / cors-anywhere | - | - | 2025-09-25 14:45:39 | Deep Dive |
| CVE-2025-8866 | YugabyteDB 安全漏洞 | YugabyteDB Inc | YugabyteDB Anywhere | - | - | 2025-08-11 16:25:36 | Deep Dive |
| CVE-2025-8864 | YugabyteDB 安全漏洞 | YugabyteDB Inc | YugabyteDB Anywhere | 低危 | - | 2025-08-11 13:30:09 | Deep Dive |
| CVE-2025-28914 | WordPress wordpress login form to anywhere plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability | Ajay Sharma | wordpress login form to anywhere | Medium | 5.9 | 2025-03-11 21:01:00 | Deep Dive |
| CVE-2025-22590 | WordPress Prayer Times Anywhere plugin <= 2.0.1 - CSRF to Stored XSS vulnerability | mmrs151 | Prayer Times Anywhere | High | 7.1 | 2025-01-07 14:57:03 | Deep Dive |
| CVE-2024-10777 | AnyWhere Elementor <= 1.2.11 - Authenticated (Contributor+) Post Disclosure | wpvibes | Dynific Addons for Elementor (formerly AnyWhere Elementor) | Medium | 4.3 | 2024-12-05 09:23:07 | Deep Dive |
| CVE-2024-10696 | UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) <= 1.1.8 - Insecure Direct Object Reference to Sensitive Information Exposure via UA_Template Shortcode | codersaiful | UltraAddons for Elementor | Medium | 4.3 | 2024-11-21 02:06:36 | Deep Dive |
| CVE-2024-51659 | WordPress Twitter @Anywhere Plus plugin <= 2.0 - CSRF to Stored XSS vulnerability | GeekRMX | Twitter @Anywhere Plus | High | 7.1 | 2024-11-14 21:35:41 | Deep Dive |
| CVE-2024-11193 | YugabyteDB 安全漏洞 | YugabyteDB | YugabyteDB Anywhere | - | - | 2024-11-13 21:04:13 | Deep Dive |
| CVE-2024-11165 | YugabyteDB 安全漏洞 | YugabyteDB | YugabyteDB Anywhere | - | - | 2024-11-13 14:19:51 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9581 | Shortcodes AnyWhere <= 1.0.1 - Unauthenticated Arbitrary Shortcode Execution | happyplugins | Shortcodes AnyWhere | High | 7.3 | 2024-10-10 02:06:09 | Deep Dive |
| CVE-2024-6908 | Admin Can Escalate Privileges to SuperAdmin Using Manual PUT Request | YugabyteDB | YugabyteDB Anywhere | 中危 | - | 2024-07-19 14:57:01 | Deep Dive |
| CVE-2024-6895 | Insecure Account Profile Management | YugabyteDB | YugabyteDB Anywhere | 中危 | - | 2024-07-19 14:47:50 | Deep Dive |
| CVE-2024-0006 | DB User Password Leak in Application Log | YugabyteDB | YugabyteDB Anywhere | 中危 | - | 2024-07-19 14:26:14 | Deep Dive |