| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12048 | Lenovo Scanner Pro 安全漏洞 | Lenovo | Scanner Pro | High | 7.5 | 2025-11-12 19:19:05 | Deep Dive |
| CVE-2025-12047 | Lenovo Scanner Pro 安全漏洞 | Lenovo | Scanner Pro | Medium | 5.3 | 2025-11-12 19:18:57 | Deep Dive |
| CVE-2025-11997 | Document Pro Elementor – Documentation & Knowledge Base <= 1.0.9 - Unauthenticated Information Exposure | ngothoai | Document Pro Elementor – Documentation & Knowledge Base | Medium | 5.3 | 2025-11-11 03:30:40 | Deep Dive |
| CVE-2025-12098 | Academy LMS Pro <= 3.3.8 - Unauthenticated Sensitive Information Exposure via 'enqueue_social_login_script' | academylms | Academy LMS Pro | Medium | 5.3 | 2025-11-08 08:27:42 | Deep Dive |
| CVE-2025-62039 | WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.6.6 - Sensitive Data Exposure vulnerability | Ays Pro | AI ChatBot with ChatGPT and Content Generator by AYS | 中危 | - | 2025-11-06 15:55:37 | Deep Dive |
| CVE-2025-8871 | Everest Forms (Pro) <= 1.9.7 - Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signature | WPEverest | Everest Forms Pro | Medium | 5.6 | 2025-11-05 02:25:52 | Deep Dive |
| CVE-2025-11193 | Lenovo Tablets 安全漏洞 | Lenovo | Tab M11 TB330FU TB330XU | Medium | 5.5 | 2025-11-03 21:40:32 | Deep Dive |
| CVE-2025-12521 | Analytify Pro <= 7.0.3 - Unauthenticated Information Exposure | Analytify | Analytify Pro | Medium | 5.3 | 2025-10-31 13:48:36 | Deep Dive |
| CVE-2025-30189 | Open-Xchange OX Dovecot Pro 安全漏洞 | Open-Xchange GmbH | OX Dovecot Pro | High | 7.4 | 2025-10-31 09:02:33 | Deep Dive |
| CVE-2025-10897 | WooCommerce Designer Pro <= 1.9.28 - Unauthenticated Arbitrary File Read | JMA Plugins | WooCommerce Designer Pro | High | 8.6 | 2025-10-31 07:26:40 | Deep Dive |
| CVE-2025-64228 | WordPress SUMO Affiliates Pro plugin <= 11.0.0 - Sensitive Data Exposure vulnerability | FantasticPlugins | SUMO Affiliates Pro | - | - | 2025-10-29 08:38:11 | Deep Dive |
| CVE-2025-64212 | WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability | StylemixThemes | MasterStudy LMS Pro | Medium | 5.4 | 2025-10-29 08:38:09 | Deep Dive |
| CVE-2025-58711 | WordPress Blog Designer PRO plugin <= 3.4.8 - Broken Access Control vulnerability | solwin | Blog Designer PRO | Medium | 5.3 | 2025-10-29 08:38:02 | Deep Dive |
| CVE-2025-57931 | WordPress Popup box plugin <= 5.5.4 - Cross Site Request Forgery (CSRF) vulnerability | Ays Pro | Popup box | Medium | 5.3 | 2025-10-29 04:02:10 | Deep Dive |
| CVE-2025-46583 | DOS Vulnerability in ZTE MC889A Pro product | ZTE | MC889A Pro | Medium | 5.3 | 2025-10-27 09:23:38 | Deep Dive |
| CVE-2025-6639 | Tutor LMS Pro – eLearning and online course solution <= 3.8.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to View/Edit Other Assignments | themeum | Tutor LMS Pro | Medium | 5.4 | 2025-10-25 05:31:22 | Deep Dive |
| CVE-2025-6440 | WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload | JMA Plugins | WooCommerce Designer Pro | Critical | 9.8 | 2025-10-24 07:23:28 | Deep Dive |
| CVE-2025-60232 | WordPress KBx Pro Ultimate plugin <= 8.0.5 - PHP Object Injection vulnerability | quantumcloud | KBx Pro Ultimate | - | - | 2025-10-22 14:32:47 | Deep Dive |
| CVE-2025-52748 | WordPress Directory Pro plugin <= 2.5.5 - Cross Site Scripting (XSS) Vulnerability | e-plugins | Directory Pro | - | - | 2025-10-22 14:32:24 | Deep Dive |
| CVE-2025-49917 | WordPress Icegram Express Pro plugin <= 5.9.5 - Server Side Request Forgery (SSRF) vulnerability | Icegram | Icegram Express Pro | - | - | 2025-10-22 14:32:13 | Deep Dive |