| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15371 | Tenda i24 Shadow File hard-coded credentials | Tenda | i24 | High | 7.8 | 2025-12-31 01:02:07 | Deep Dive |
| CVE-2025-69021 | WordPress Popup box plugin <= 6.0.7 - Cross Site Request Forgery (CSRF) vulnerability | Ays Pro | Popup box | Medium | 5.4 | 2025-12-30 10:47:55 | Deep Dive |
| CVE-2025-68996 | WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Local File Inclusion vulnerability | WebCodingPlace | Responsive Posts Carousel Pro | High | 7.5 | 2025-12-30 10:47:52 | Deep Dive |
| CVE-2025-68990 | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - SQL Injection vulnerability | xenioushk | BWL Pro Voting Manager | High | 8.5 | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-68991 | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability | xenioushk | BWL Pro Voting Manager | Medium | 6.5 | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2019-25251 | Teradek VidiU Pro 3.0.3 Server-Side Request Forgery via RTMP Settings | Teradek, LLC | VidiU Pro | Medium | 6.5 | 2025-12-24 19:28:04 | Deep Dive |
| CVE-2019-25252 | Teradek VidiU Pro 3.0.3 Cross-Site Request Forgery via Password Change | Teradek | VidiU Pro | Medium | 4.3 | 2025-12-24 19:28:04 | Deep Dive |
| CVE-2025-68580 | WordPress Advanced Classifieds & Directory Pro plugin <= 3.2.9 - Cross Site Request Forgery (CSRF) vulnerability | pluginsware | Advanced Classifieds & Directory Pro | Medium | 4.3 | 2025-12-24 13:10:40 | Deep Dive |
| CVE-2025-68038 | WordPress Icegram Express Pro plugin < 5.9.14 - PHP Object Injection vulnerability | Icegram | Icegram Express Pro | High | 7.2 | 2025-12-24 13:10:25 | Deep Dive |
| CVE-2024-24844 | WordPress PowerPack Pro for Elementor plugin <= 2.10.6 - Unauthenticated Plugin Settings Reset vulnerability | IdeaBox Creations | PowerPack Pro for Elementor | High | 7.5 | 2025-12-23 12:06:05 | Deep Dive |
| CVE-2025-68548 | WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability | WebCodingPlace | Responsive Posts Carousel Pro | Medium | 6.5 | 2025-12-23 11:50:41 | Deep Dive |
| CVE-2025-62880 | WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability | Kunal | Custom 404 Pro | Medium | 4.3 | 2025-12-22 09:31:35 | Deep Dive |
| CVE-2023-25446 | WordPress HappyFiles Pro plugin <= 1.8.1 - Broken Access Control vulnerability | HappyFiles | HappyFiles Pro | High | 7.7 | 2025-12-21 00:01:59 | Deep Dive |
| CVE-2023-25445 | WordPress HappyFiles Pro plugin <= 1.8.1 - Broken Access Control vulnerability | HappyFiles | HappyFiles Pro | Medium | 5.4 | 2025-12-21 00:00:41 | Deep Dive |
| CVE-2025-66117 | WordPress Easy Form plugin <= 2.7.8 - Broken Access Control vulnerability | Ays Pro | Easy Form | High | 7.5 | 2025-12-18 07:22:19 | Deep Dive |
| CVE-2025-64213 | WordPress MasterStudy LMS Pro plugin < 4.7.16 - Sensitive Data Exposure vulnerability | StylemixThemes | MasterStudy LMS Pro | - | - | 2025-12-18 07:22:12 | Deep Dive |
| CVE-2025-64214 | WordPress MasterStudy LMS Pro plugin < 4.7.16 - Arbitrary Content Deletion vulnerability | StylemixThemes | MasterStudy LMS Pro | High | 7.5 | 2025-12-18 07:22:12 | Deep Dive |
| CVE-2025-14817 | Factory Mode App Exists Privilege Escalation Issue Allowing Third-Party Apps to Open ADB | TECNO | Tecno Pova6 Pro 5G | - | - | 2025-12-17 06:21:00 | Deep Dive |
| CVE-2025-66134 | WordPress FileBird Pro plugin <= 6.5.1 - Broken Access Control vulnerability | NinjaTeam | FileBird Pro | Medium | 5.4 | 2025-12-16 08:12:55 | Deep Dive |
| CVE-2025-64251 | WordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerability | azzaroco | Ultimate Learning Pro | Medium | 4.9 | 2025-12-16 08:12:50 | Deep Dive |