| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-1303 | Plugin Oficial – Getnet para WooCommerce <= 1.7.3 - Unauthenticated Reflected XSS | Unknown | Plugin Oficial | - | - | 2025-05-15 20:07:27 | Deep Dive |
| CVE-2025-1033 | Badgearoo <= 1.0.14 - Admin+ Stored XSS | Unknown | Badgearoo | - | - | 2025-05-15 20:07:26 | Deep Dive |
| CVE-2025-0688 | Spiritual Gifts Survey <= 0.9.10 - Unauthenticated CSRF to XSS | Unknown | Spiritual Gifts Survey (and optional S.H.A.P.E survey) | - | - | 2025-05-15 20:07:26 | Deep Dive |
| CVE-2025-1286 | Download HTML TinyMCE Button <= 1.2 - Reflected XSS | Unknown | Download HTML TinyMCE Button | - | - | 2025-05-15 20:07:26 | Deep Dive |
| CVE-2025-1288 | wooexim <= 5.0.0 - CSRF to Reflected XSS | Unknown | WOOEXIM | - | - | 2025-05-15 20:07:26 | Deep Dive |
| CVE-2025-0687 | Spiritual Gifts Survey <= 0.9.10 - Unauthenticated CSRF to XSS | Unknown | Spiritual Gifts Survey (and optional S.H.A.P.E survey) | - | - | 2025-05-15 20:07:25 | Deep Dive |
| CVE-2025-0329 | AI ChatBot for WordPress – WPBot < 6.2.4 - Admin+ Stored XSS | Unknown | AI ChatBot for WordPress | - | - | 2025-05-15 20:07:25 | Deep Dive |
| CVE-2024-9882 | Salon Booking System < 10.9.4 - Admin+ Stored XSS | Unknown | Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses | - | - | 2025-05-15 20:07:25 | Deep Dive |
| CVE-2024-9838 | Auto Affiliate Links < 6.4.7 - Admin+ SQL Injection | Unknown | Auto Affiliate Links | - | - | 2025-05-15 20:07:24 | Deep Dive |
| CVE-2024-9831 | Taskbuilder < 3.0.9 - Admin+ SQL Injection | Unknown | Taskbuilder | - | - | 2025-05-15 20:07:24 | Deep Dive |
| CVE-2024-9879 | Website File Changes < 2.1.1 - Authenticated SQL Injection | Unknown | Melapress File Monitor | - | - | 2025-05-15 20:07:24 | Deep Dive |
| CVE-2024-9765 | EKC Tournament Manager < 2.2.2 - Local File Download Vulnerability | Unknown | EKC Tournament Manager | - | - | 2025-05-15 20:07:23 | Deep Dive |
| CVE-2024-9709 | EKC Tournament Manager < 2.2.2 - Create Tournaments/Teams via CSRF | Unknown | EKC Tournament Manager | - | - | 2025-05-15 20:07:23 | Deep Dive |
| CVE-2024-9711 | EKC Tournament Manager < 2.2.2 - Delete Tournaments via CSRF | Unknown | EKC Tournament Manager | - | - | 2025-05-15 20:07:23 | Deep Dive |
| CVE-2024-9662 | CYAN Backup < 2.5.3 - Admin+ Stored XSS via General Settings | Unknown | CYAN Backup | - | - | 2025-05-15 20:07:22 | Deep Dive |
| CVE-2024-9663 | CYAN Backup < 2.5.3 - Admin+ Stored XSS via Remote Storage Settings | Unknown | CYAN Backup | - | - | 2025-05-15 20:07:22 | Deep Dive |
| CVE-2024-9645 | Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS | Unknown | Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry | - | - | 2025-05-15 20:07:22 | Deep Dive |
| CVE-2024-9599 | Popup Box < 4.7.8 - Admin+ Stored XSS | Unknown | Popup Box | - | - | 2025-05-15 20:07:22 | Deep Dive |
| CVE-2024-9390 | RegistrationMagic < 6.0.2.1 - Stored XSS | Unknown | RegistrationMagic | - | - | 2025-05-15 20:07:21 | Deep Dive |
| CVE-2024-9238 | AVIF & SVG Uploader <= 1.1.0 - Author+ Stored XSS via SVG Uplaod | Unknown | AVIF Uploader | - | - | 2025-05-15 20:07:21 | Deep Dive |