| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-2613 | Login Manager – Design Login Page, View Login Activity, Limit Login Attempts <= 2.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via Custom URL | mehrazmorshed | Login Manager – Design Login Page, View Login Activity, Limit Login Attempts | Medium | 4.4 | 2025-04-18 01:44:11 | Deep Dive |
| CVE-2025-27310 | WordPress Page and Post Lister plugin <= 1.2.1 - Arbitrary Content Deletion vulnerability | Radius of Thought | Page and Post Lister | Medium | 6.5 | 2025-04-17 15:48:01 | Deep Dive |
| CVE-2025-32520 | WordPress WordPress Health and Server Condition plugin <= 4.1.1 - Reflected Cross Site Scripting (XSS) vulnerability | M. Ali Saleem | WordPress Health and Server Condition – Integrated with Google Page Speed | High | 7.1 | 2025-04-17 15:47:43 | Deep Dive |
| CVE-2025-39519 | WordPress Bulk Page Stub Creator plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability | runthings.dev | Bulk Page Stub Creator | High | 7.1 | 2025-04-17 15:46:57 | Deep Dive |
| CVE-2025-39417 | WordPress Redirect wordpress to welcome or landing page plugin <= 2.0 - CSRF to Stored XSS vulnerability | Eslam Mahmoud | Redirect wordpress to welcome or landing page | High | 7.1 | 2025-04-17 15:17:11 | Deep Dive |
| CVE-2025-3739 | Drupal 8 Google Optimize Hide Page - Critical - Unsupported - SA-CONTRIB-2025-040 | Drupal | Drupal 8 Google Optimize Hide Page | - | - | 2025-04-16 16:32:44 | Deep Dive |
| CVE-2025-26992 | WordPress Landing Page Cat plugin <= 1.7.8 - Reflected Cross Site Scripting (XSS) vulnerability | fatcatapps | Landing Page Cat | High | 7.1 | 2025-04-15 11:58:09 | Deep Dive |
| CVE-2024-13207 | Widget for Social Page Feeds < 6.4.2 - Admin+ Stored XSS | Unknown | Widget for Social Page Feeds | - | - | 2025-04-15 06:00:06 | Deep Dive |
| CVE-2025-3276 | SKT Blocks – Gutenberg based Page Builder <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | sonalsinha21 | SKT Blocks – Gutenberg based Page Builder | Medium | 6.4 | 2025-04-12 06:37:19 | Deep Dive |
| CVE-2025-31034 | WordPress Customize Login Page plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability | AboZain Albanna | Customize Login Page | Medium | 4.3 | 2025-04-09 16:10:13 | Deep Dive |
| CVE-2025-32518 | WordPress ALD Login Page plugin <= 1.1 - CSRF to Stored XSS vulnerability | hossainawlad | ALD Login Page | High | 7.1 | 2025-04-09 16:09:41 | Deep Dive |
| CVE-2025-32226 | WordPress Display product variations dropdown on shop page plugin <= 1.1.3 - Broken Access Control vulnerability | Anzar Ahmed | Display product variations dropdown on shop page | Medium | 4.3 | 2025-04-04 15:59:16 | Deep Dive |
| CVE-2025-32185 | WordPress Colibri Page Builder plugin <= 1.0.329 - Cross Site Scripting (XSS) vulnerability | Extend Themes | Colibri Page Builder | Medium | 6.5 | 2025-04-04 15:58:59 | Deep Dive |
| CVE-2025-31850 | WordPress PDF Generator Addon for Elementor Page Builder plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability | RedefiningTheWeb | PDF Generator Addon for Elementor Page Builder | Medium | 6.5 | 2025-04-01 14:52:00 | Deep Dive |
| CVE-2025-31771 | WordPress Team Members for Elementor Page Builder plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | Sultan Nasir Uddin | Team Members for Elementor Page Builder | Medium | 6.5 | 2025-04-01 14:51:20 | Deep Dive |
| CVE-2025-31769 | WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability | NiteoThemes | CLP – Custom Login Page by NiteoThemes | Medium | 4.3 | 2025-04-01 14:51:19 | Deep Dive |
| CVE-2025-31466 | WordPress Duplicate Page and Post plugin <= 1.0 - SQL Injection Vulnerability | Falcon Solutions | Duplicate Page and Post | High | 8.5 | 2025-03-28 11:54:06 | Deep Dive |
| CVE-2025-31470 | WordPress Page Takeover plugin <= 1.1.6 - Cross Site Scripting (XSS) Vulnerability | FancyThemes | Page Takeover | Medium | 5.9 | 2025-03-28 11:54:05 | Deep Dive |
| CVE-2025-31471 | WordPress Duplicate Page and Post plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability | Falcon Solutions | Duplicate Page and Post | Medium | 5.9 | 2025-03-28 11:54:04 | Deep Dive |
| CVE-2025-2294 | Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion | extendthemes | Kubio AI Page Builder | Critical | 9.8 | 2025-03-28 04:22:42 | Deep Dive |