| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15636 | WordPress YouTube Showcase plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability | emarket-design | YouTube Showcase | Medium | 6.5 | 2026-04-15 15:55:52 | Deep Dive |
| CVE-2025-64248 | WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability | emarket-design | Request a Quote | - | - | 2025-12-16 08:12:49 | Deep Dive |
| CVE-2025-13403 | Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification | emarket-design | Employee Spotlight – Team Member Showcase & Meet the Team Plugin | Medium | 4.3 | 2025-12-13 03:20:24 | Deep Dive |
| CVE-2025-12090 | Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Employee Spotlight – Team Member Showcase & Meet the Team Plugin | Medium | 6.4 | 2025-11-01 05:40:23 | Deep Dive |
| CVE-2025-60157 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | Medium | 6.5 | 2025-09-26 08:31:57 | Deep Dive |
| CVE-2025-58915 | WordPress Request a Quote plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability | emarket-design | Request a Quote | Medium | 6.5 | 2025-09-23 02:08:41 | Deep Dive |
| CVE-2025-54731 | WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability | emarket-design | YouTube Showcase | High | 8.1 | 2025-08-28 12:37:38 | Deep Dive |
| CVE-2025-53584 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | High | 8.1 | 2025-08-28 12:37:33 | Deep Dive |
| CVE-2025-53583 | WordPress Employee Spotlight Plugin <= 5.1.1 - PHP Object Injection Vulnerability | emarket-design | Employee Spotlight | High | 8.1 | 2025-08-28 12:37:32 | Deep Dive |
| CVE-2025-53572 | WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability | emarket-design | WP Easy Contact | High | 8.1 | 2025-08-28 12:37:30 | Deep Dive |
| CVE-2025-53243 | WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability | emarket-design | Employee Directory – Staff Listing & Team Directory Plugin for WordPress | High | 8.1 | 2025-08-28 12:37:23 | Deep Dive |
| CVE-2025-8314 | Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Project Management, Bug and Issue Tracking Plugin – Software Issue Manager | Medium | 6.4 | 2025-08-12 04:25:41 | Deep Dive |
| CVE-2025-8420 | Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution | emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | High | 8.1 | 2025-08-06 02:24:12 | Deep Dive |
| CVE-2025-8295 | Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Employee Directory – Staff & Team Directory | Medium | 6.4 | 2025-08-05 07:24:16 | Deep Dive |
| CVE-2025-8313 | Campus Directory <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | Medium | 6.4 | 2025-08-05 06:39:49 | Deep Dive |
| CVE-2025-8315 | WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact | Medium | 6.4 | 2025-08-05 06:39:48 | Deep Dive |
| CVE-2025-5540 | Event RSVP and Simple Event Management Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Event RSVP and Simple Event Management Plugin | Medium | 6.4 | 2025-06-26 02:06:36 | Deep Dive |
| CVE-2025-5539 | Simplify Contact Management: WP Easy Contact <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact | Medium | 6.4 | 2025-06-04 04:22:42 | Deep Dive |
| CVE-2025-5532 | Faculty Staff and Student Directory Plugin – Campus Directory <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | Medium | 6.4 | 2025-06-04 03:40:59 | Deep Dive |
| CVE-2025-5531 | Staff Directory – Employee Directory for WordPress <= 4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Employee Directory – Staff & Team Directory | Medium | 6.4 | 2025-06-04 03:40:58 | Deep Dive |