| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-0580 | SourceCodester API Key Manager App Import Key cross site scripting | SourceCodester | API Key Manager App | Low | 3.5 | 2026-01-05 07:32:06 | Deep Dive |
| CVE-2025-59135 | WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability | eleopard | Behance Portfolio Manager | Medium | 5.9 | 2025-12-31 17:20:10 | Deep Dive |
| CVE-2025-63000 | WordPress Sermon Manager plugin <= 2.30.0 - Cross Site Scripting (XSS) vulnerability | wpforchurch | Sermon Manager | Medium | 6.5 | 2025-12-31 08:50:24 | Deep Dive |
| CVE-2025-59137 | WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerability | eleopard | Behance Portfolio Manager | High | 7.1 | 2025-12-31 04:33:22 | Deep Dive |
| CVE-2022-50802 | ETAP Safety Manager 1.0.0.32 Unauthenticated Reflected Cross-Site Scripting via Action Parameter | ETAP Lighting International NV | ETAP Safety Manager | Medium | 6.1 | 2025-12-30 22:42:58 | Deep Dive |
| CVE-2025-68990 | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - SQL Injection vulnerability | xenioushk | BWL Pro Voting Manager | High | 8.5 | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-68991 | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability | xenioushk | BWL Pro Voting Manager | Medium | 6.5 | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-68992 | WordPress BWL Knowledge Base Manager plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability | xenioushk | BWL Knowledge Base Manager | 中危 | - | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-68040 | WordPress WP Project Manager plugin <= 3.0.1 - Sensitive Data Exposure vulnerability | weDevs | WP Project Manager | Medium | 6.5 | 2025-12-29 23:25:11 | Deep Dive |
| CVE-2025-13592 | Advanced Ads <= 2.0.14 - Authenticated (Editor+) Remote Code Execution via Shortcode | monetizemore | Advanced Ads – Ad Manager & AdSense | High | 7.2 | 2025-12-29 18:20:51 | Deep Dive |
| CVE-2025-14280 | PixelYourSite <= 11.1.5 - Sensitive Information Exposure via Log File | pixelyoursite | PixelYourSite – Your smart PIXEL (TAG) & API Manager | Medium | 5.3 | 2025-12-29 18:20:50 | Deep Dive |
| CVE-2025-52601 | Hardcoding sensitive information | Hanwha Vision Co., Ltd. | Device Manager | 高危 | - | 2025-12-26 04:29:26 | Deep Dive |
| CVE-2025-14913 | Frontend Post Submission Manager Lite <= 1.2.6 - Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion | wpshuffle | Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin | Medium | 5.3 | 2025-12-25 23:20:03 | Deep Dive |
| CVE-2019-25244 | Legrand BTicino Driver Manager F454 1.0.51 CSRF and Stored XSS Vulnerabilities | BTicino S.p.A. | Legrand BTicino Driver Manager F454 | Medium | 5.3 | 2025-12-24 19:27:59 | Deep Dive |
| CVE-2025-14080 | Frontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post Modification | wpshuffle | Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin | Medium | 5.3 | 2025-12-21 02:20:31 | Deep Dive |
| CVE-2025-12874 | HTTP Request Smuggling in Quest Coexistence Manager for Notes | Quest | Coexistence Manager for Notes | - | - | 2025-12-19 19:36:57 | Deep Dive |
| CVE-2025-63002 | WordPress Sermon Manager plugin <= 2.30.0 - Broken Access Control vulnerability | wpforchurch | Sermon Manager | Medium | 5.3 | 2025-12-18 16:46:48 | Deep Dive |
| CVE-2025-9787 | Stored XSS | Zohocorp | ManageEngine Applications Manager | Medium | 6.1 | 2025-12-18 14:14:53 | Deep Dive |
| CVE-2025-64266 | WordPress Booking and Rental Manager plugin <= 2.5.4 - PHP Object Injection vulnerability | magepeopleteam | Booking and Rental Manager | - | - | 2025-12-18 07:22:14 | Deep Dive |
| CVE-2025-60078 | WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability | Agence web Eoxia – Montpellier | Task Manager | High | 7.5 | 2025-12-18 07:22:07 | Deep Dive |