| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-0932 | M-Files Server 安全漏洞 | M-Files Corporation | M-Files Server | - | - | 2026-04-01 10:03:28 | Deep Dive |
| CVE-2025-15433 | Shared Files < 1.7.58 - Contributor+ Arbitrary File Download | Unknown | Shared Files | 中危 | - | 2026-03-26 06:00:07 | Deep Dive |
| CVE-2025-69380 | WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Download vulnerability | vanquish | Upload Files Anywhere | - | - | 2026-02-20 15:46:53 | Deep Dive |
| CVE-2025-69379 | WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerability | vanquish | Upload Files Anywhere | - | - | 2026-02-20 15:46:53 | Deep Dive |
| CVE-2024-34438 | WordPress Shared Files plugin <= 1.7.19 - Broken Access Control vulnerability | Anssi Laitila | Shared Files | Medium | 5.3 | 2026-02-20 15:46:25 | Deep Dive |
| CVE-2026-24319 | Information Disclosure Vulnerability in SAP Business One (B1 Client Memory Dump Files) | SAP_SE | SAP Business One (B1 Client Memory Dump Files) | Medium | 5.8 | 2026-02-10 03:03:34 | Deep Dive |
| CVE-2026-1389 | Document Embedder <= 2.0.4 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Document Library Entry Deletion | bplugins | Document Embedder – Embed PDFs, Word, Excel, and Other Files | Medium | 4.3 | 2026-01-28 07:27:35 | Deep Dive |
| CVE-2026-0663 | Denial of Service condition in M-Files Server | M-Files Corporation | M-Files Server | - | - | 2026-01-21 10:29:58 | Deep Dive |
| CVE-2012-10064 | Omni Secure Files < 0.1.14 Unauthenticated Arbitrary File Upload | Omnilogic | Omni Secure Files | 中危 | - | 2026-01-16 20:10:13 | Deep Dive |
| CVE-2025-62078 | WordPress Easy Upload Files During Checkout plugin <= 3.0.0 - Broken Access Control vulnerability | Fahad Mahmood | Easy Upload Files During Checkout | Medium | 4.3 | 2025-12-31 16:32:01 | Deep Dive |
| CVE-2025-13008 | Session Token Disclosure in M-Files Web | M-Files Corporation | M-Files Server | - | - | 2025-12-19 07:04:20 | Deep Dive |
| CVE-2025-14267 | Unintended temporary cached data included in a structure only copy intended to be empty of data | M-Files Corporation | M-Files Server | - | - | 2025-12-19 06:15:10 | Deep Dive |
| CVE-2025-14318 | Improper access validation in M-Files Server | M-Files Corporation | M-Files Server | - | - | 2025-12-18 07:32:34 | Deep Dive |
| CVE-2025-12885 | Embed Any Document <= 2.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting | awsmin | Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files | Medium | 6.4 | 2025-12-18 01:51:13 | Deep Dive |
| CVE-2025-12894 | Import WP – Export and Import CSV and XML files to WordPress <= 2.14.17 - Unauthenticated Information Exposure | jcollings | Import WP – Export and Import CSV and XML files to WordPress | Medium | 5.3 | 2025-11-21 07:31:49 | Deep Dive |
| CVE-2025-4212 | Checkout Files Upload for WooCommerce <= 2.2.1 - Unauthenticated Stored Cross-Site Scripting | wpwham | Checkout Files Upload for WooCommerce | High | 7.2 | 2025-11-18 09:27:36 | Deep Dive |
| CVE-2025-11681 | Denial of Service condition in M-Files Server | M-Files Corporation | M-Files Server | - | - | 2025-11-17 11:30:25 | Deep Dive |
| CVE-2025-12384 | Document Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation | bplugins | Document Embedder – Embed PDFs, Word, Excel, and Other Files | High | 8.6 | 2025-11-05 06:35:02 | Deep Dive |
| CVE-2025-12682 | Easy Upload Files During Checkout <= 2.9.8 - Unauthenticated Arbitrary JavaScript File Upload | fahadmahmood | Easy Upload Files During Checkout | Critical | 9.8 | 2025-11-04 13:47:35 | Deep Dive |
| CVE-2025-12137 | Import WP – Export and Import CSV and XML files to WordPress <= 2.14.16 - Authenticated (Admin+) Arbitrary File Read | jcollings | Import WP – Export and Import CSV and XML files to WordPress | Medium | 4.9 | 2025-11-01 06:40:40 | Deep Dive |