| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27049 | WordPress Jobica Core plugin <= 1.4.2 - Account Takeover vulnerability | NooTheme | Jobica Core | Critical | 9.8 | 2026-03-25 16:14:54 | Deep Dive |
| CVE-2026-27047 | WordPress Curly Core plugin <= 2.1.6 - Local File Inclusion vulnerability | Mikado-Themes | Curly Core | High | 8.1 | 2026-03-25 16:14:53 | Deep Dive |
| CVE-2026-27048 | WordPress The Aisle Core plugin <= 2.0.5 - Local File Inclusion vulnerability | Elated-Themes | The Aisle Core | High | 8.1 | 2026-03-25 16:14:53 | Deep Dive |
| CVE-2026-25461 | WordPress Listeo Core plugin <= 2.0.21 - Reflected Cross Site Scripting (XSS) vulnerability | purethemes | Listeo Core | High | 7.1 | 2026-03-25 16:14:51 | Deep Dive |
| CVE-2026-25460 | WordPress Ave Core plugin <= 2.9.1 - Broken Access Control vulnerability | LiquidThemes | Ave Core | Medium | 6.3 | 2026-03-25 16:14:51 | Deep Dive |
| CVE-2026-25306 | WordPress XStore Core plugin <= 5.6.4 - Reflected Cross Site Scripting (XSS) vulnerability | 8theme | XStore Core | High | 7.1 | 2026-03-25 16:14:39 | Deep Dive |
| CVE-2026-24983 | WordPress UpSolution Core plugin <= 8.41 - Reflected Cross Site Scripting (XSS) vulnerability | UpSolution | UpSolution Core | High | 7.1 | 2026-03-25 16:14:36 | Deep Dive |
| CVE-2026-24980 | WordPress Visionary Core plugin <= 1.4.9 - Reflected Cross Site Scripting (XSS) vulnerability | NooTheme | Visionary Core | High | 7.1 | 2026-03-25 16:14:36 | Deep Dive |
| CVE-2026-24981 | WordPress Visionary Core plugin <= 1.4.9 - PHP Object Injection vulnerability | NooTheme | Visionary Core | High | 8.8 | 2026-03-25 16:14:36 | Deep Dive |
| CVE-2026-24978 | WordPress Jobica Core plugin <= 1.4.1 - PHP Object Injection vulnerability | NooTheme | Jobica Core | High | 8.8 | 2026-03-25 16:14:35 | Deep Dive |
| CVE-2026-24979 | WordPress Jobica Core plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability | NooTheme | Jobica Core | High | 7.1 | 2026-03-25 16:14:35 | Deep Dive |
| CVE-2026-22484 | WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability | pebas | Lisfinity Core | Critical | 9.3 | 2026-03-25 16:14:23 | Deep Dive |
| CVE-2024-58341 | OpenCart Core 4.0.2.3 SQL Injection via search Parameter | Opencart | OpenCart Core | High | 8.2 | 2026-03-25 16:04:36 | Deep Dive |
| CVE-2026-23514 | Kiteworks Core before 9.2.2 is vulnerable to Improper Ownership Management | kiteworks | core | High | 8.8 | 2026-03-25 14:19:01 | Deep Dive |
| CVE-2026-33283 | Ella Core panics on malformed ULNASTransport Message without a Request Type | ellanetworks | core | Medium | 6.5 | 2026-03-23 23:49:43 | Deep Dive |
| CVE-2026-33282 | Ella Core panics on malformed NGAP Location Report | ellanetworks | core | High | 7.5 | 2026-03-23 23:47:26 | Deep Dive |
| CVE-2026-33281 | Ella Core panics on invalid PDU Session IDs in NGAP messages | ellanetworks | core | Medium | 6.5 | 2026-03-23 23:46:13 | Deep Dive |
| CVE-2026-3533 | JupiterX Core <= 4.14.1 - Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import | artbees | Jupiter X Core | High | 8.8 | 2026-03-23 23:25:49 | Deep Dive |
| CVE-2026-33180 | HAPI FHIR HTTP authentication leak in redirects | hapifhir | org.hl7.fhir.core | High | 7.5 | 2026-03-20 22:20:00 | Deep Dive |
| CVE-2026-33013 | Micronaut vulnerable to DoS via crafted form-urlencoded body binding with descending array indices | micronaut-projects | micronaut-core | 中危 | - | 2026-03-20 04:47:43 | Deep Dive |