| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-64243 | WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability | e-plugins | Directory Pro | Medium | 4.3 | 2025-12-16 08:12:48 | Deep Dive |
| CVE-2025-12809 | dokan pro <= 4.1.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure | wedevs | Dokan Pro | Medium | 5.3 | 2025-12-16 05:25:21 | Deep Dive |
| CVE-2025-14156 | Fox LMS – WordPress LMS Plugin 1.0.4.7 - 1.0.5.1 - Unauthenticated Privilege Escalation via 'createOrder' | ays-pro | Fox LMS – WordPress LMS Plugin | Critical | 9.8 | 2025-12-15 14:25:13 | Deep Dive |
| CVE-2025-14454 | Image Slider by Ays- Responsive Slider and Carousel <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider Deletion | ays-pro | Image Slider by Ays- Responsive Slider and Carousel | Medium | 4.3 | 2025-12-13 03:20:27 | Deep Dive |
| CVE-2025-14159 | Secure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data Export | ays-pro | Secure Copy Content Protection and Content Locking | Medium | 4.3 | 2025-12-12 11:15:50 | Deep Dive |
| CVE-2025-14442 | Secure Copy Content Protection and Content Locking <= 4.9.2 - Unauthenticated Sensitive Information Exposure via Exposed CSV Export File | ays-pro | Secure Copy Content Protection and Content Locking | Medium | 5.3 | 2025-12-12 11:15:49 | Deep Dive |
| CVE-2025-13668 | Quartus Prime Pro Edition Advisory | Altera | Quartus Prime Pro | Medium | 6.7 | 2025-12-11 22:02:40 | Deep Dive |
| CVE-2025-13663 | Quartus Prime Pro Edition Installer Advisory | Altera | Quartus Prime Pro | Medium | 6.7 | 2025-12-11 20:35:25 | Deep Dive |
| CVE-2024-2104 | JBL: Improper BLE security configurations and lack of authentication on the device's GATT server | JBL | LIVE PRO 2 TWS | High | 8.8 | 2025-12-10 12:56:15 | Deep Dive |
| CVE-2025-13955 | Predictable Default Wi-Fi Password in EZCast Pro II Dongle | EZCast | EZCast Pro II | - | - | 2025-12-10 08:30:36 | Deep Dive |
| CVE-2025-13954 | Hard-coded cryptographic keys in EZCast Pro II Dongle | EZCast | EZCast Pro II | - | - | 2025-12-10 08:29:51 | Deep Dive |
| CVE-2025-63045 | WordPress Master Slider Pro plugin <= 3.7.12 - Cross Site Scripting (XSS) vulnerability | averta | Master Slider Pro | - | - | 2025-12-09 14:52:31 | Deep Dive |
| CVE-2025-67595 | WordPress Quiz Maker plugin <= 6.7.0.82 - Cross Site Request Forgery (CSRF) vulnerability | Ays Pro | Quiz Maker | Medium | 4.3 | 2025-12-09 14:14:18 | Deep Dive |
| CVE-2025-67562 | WordPress Image Caption Hover Pro plugin < 20.0 - Broken Access Control vulnerability | WebCodingPlace | Image Caption Hover Pro | Medium | 5.4 | 2025-12-09 14:14:11 | Deep Dive |
| CVE-2025-67518 | WordPress Accordion Slider PRO plugin <= 1.2 - SQL Injection vulnerability | LambertGroup | Accordion Slider PRO | High | 8.5 | 2025-12-09 14:13:58 | Deep Dive |
| CVE-2025-66529 | WordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerability | Ays Pro | Chartify | Medium | 4.3 | 2025-12-09 14:13:54 | Deep Dive |
| CVE-2025-40820 | Siemens多款产品 安全漏洞 | Siemens | SIDOOR ATD430W | High | 7.5 | 2025-12-09 10:44:31 | Deep Dive |
| CVE-2025-66461 | GS Yuasa International FULLBACK Manager Pro 代码问题漏洞 | GS Yuasa International Ltd. | FULLBACK Manager Pro (for Windows) | - | - | 2025-12-08 09:31:44 | Deep Dive |
| CVE-2025-14126 | TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials | TOZED | ZLT M30S | High | 8.8 | 2025-12-06 10:02:05 | Deep Dive |
| CVE-2025-14105 | TOZED ZLT M30S/ZLT M30S PRO Web proc_post denial of service | TOZED | ZLT M30S | Medium | 4.3 | 2025-12-05 21:02:07 | Deep Dive |