| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27983 | WordPress LMS Elementor Pro plugin <= 1.0.4 - Privilege Escalation vulnerability | designthemes | LMS Elementor Pro | 中危 | - | 2026-03-05 05:54:03 | Deep Dive |
| CVE-2026-27390 | WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.1 - Account Takeover vulnerability | designthemes | WeDesignTech Ultimate Booking Addon | 中危 | - | 2026-03-05 05:54:00 | Deep Dive |
| CVE-2026-27389 | WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.1 - Account Takeover vulnerability | designthemes | WeDesignTech Ultimate Booking Addon | 中危 | - | 2026-03-05 05:53:59 | Deep Dive |
| CVE-2026-27388 | WordPress DesignThemes Booking Manager plugin <= 2.0 - Broken Access Control vulnerability | designthemes | DesignThemes Booking Manager | 中危 | - | 2026-03-05 05:53:59 | Deep Dive |
| CVE-2026-27386 | WordPress DesignThemes Directory Addon plugin <= 1.8 - Broken Access Control vulnerability | designthemes | DesignThemes Directory Addon | High | 7.5 | 2026-03-05 05:53:59 | Deep Dive |
| CVE-2026-27385 | WordPress DesignThemes Portfolio plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability | designthemes | DesignThemes Portfolio | 中危 | - | 2026-03-05 05:53:59 | Deep Dive |
| CVE-2026-22473 | WordPress Dental Clinic theme <= 3.7 - PHP Object Injection vulnerability | designthemes | Dental Clinic | 中危 | - | 2026-03-05 05:53:47 | Deep Dive |
| CVE-2025-69302 | WordPress DesignThemes Core Features plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability | designthemes | DesignThemes Core Features | - | - | 2026-02-20 15:46:47 | Deep Dive |
| CVE-2025-69095 | WordPress Reservation Plugin plugin <= 1.7 - Settings Change vulnerability | designthemes | Reservation Plugin | Medium | 6.5 | 2026-01-22 16:52:26 | Deep Dive |
| CVE-2025-69002 | WordPress OneLife theme <= 3.9 - PHP Object Injection vulnerability | designthemes | OneLife | - | - | 2026-01-22 16:52:16 | Deep Dive |
| CVE-2025-68899 | WordPress Vivagh theme <= 2.4 - PHP Object Injection vulnerability | designthemes | Vivagh | - | - | 2026-01-22 16:52:12 | Deep Dive |
| CVE-2025-67619 | WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability | designthemes | Kids Heaven | - | - | 2026-01-22 16:51:52 | Deep Dive |
| CVE-2025-68982 | WordPress DesignThemes LMS Addon plugin <= 2.6 - Broken Access Control vulnerability | designthemes | DesignThemes LMS Addon | Medium | 5.3 | 2025-12-30 10:47:49 | Deep Dive |
| CVE-2025-68981 | WordPress HomeFix Elementor Portfolio plugin <= 1.0.1 - Broken Access Control vulnerability | designthemes | HomeFix Elementor Portfolio | Medium | 5.3 | 2025-12-30 10:47:49 | Deep Dive |
| CVE-2025-68980 | WordPress WeDesignTech Portfolio plugin <= 1.0.2 - Broken Access Control vulnerability | designthemes | WeDesignTech Portfolio | Medium | 5.3 | 2025-12-30 10:47:49 | Deep Dive |
| CVE-2025-68978 | WordPress DesignThemes Core plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability | designthemes | DesignThemes Core | Medium | 6.5 | 2025-12-30 10:47:48 | Deep Dive |
| CVE-2025-68977 | WordPress DesignThemes Portfolio Addon plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | designthemes | DesignThemes Portfolio Addon | Medium | 6.5 | 2025-12-30 10:47:48 | Deep Dive |
| CVE-2025-64221 | WordPress Reservation Plugin plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability | designthemes | Reservation Plugin | - | - | 2025-12-18 07:22:13 | Deep Dive |
| CVE-2025-13542 | DesignThemes LMS <= 1.0.4 - Unauthenticated Privilege Escalation | DesignThemes | DesignThemes LMS | Critical | 9.8 | 2025-12-02 19:27:16 | Deep Dive |
| CVE-2025-60234 | WordPress Single Property theme <= 2.8 - PHP Object Injection vulnerability | designthemes | Single Property | - | - | 2025-10-22 14:32:47 | Deep Dive |