| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2025-48098 | WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability | Ays Pro | Survey Maker | - | - | 2025-10-22 14:32:07 |
| CVE-2025-48095 | WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability | Ays Pro | Survey Maker | - | - | 2025-10-22 14:32:07 |
| CVE-2025-32657 | WordPress Testimonial Slider and Showcase Pro plugin <= 2.1.7 - Local File Inclusion vulnerability | RadiusTheme | Testimonial Slider And Showcase Pro | - | - | 2025-10-22 14:32:06 |
| CVE-2025-11086 | Academy LMS Pro <= 3.3.7 - Unauthenticated Privilege Escalation via Social Login Addon | academylms | Academy LMS Pro | High | 8.1 | 2025-10-22 11:25:18 |
| CVE-2025-7851 | Unauthorized root access via debug functionality | TP-Link Systems Inc. | Omada gateways | - | - | 2025-10-21 00:29:06 |
| CVE-2025-7850 | Authenticated OS command execution | TP-Link Systems Inc. | Omada gateways | - | - | 2025-10-21 00:28:12 |
| CVE-2025-6542 | OS command injection in multiple parameters | TP-Link Systems Inc. | Omada gateways | - | - | 2025-10-21 00:23:09 |
| CVE-2025-6541 | OS command injection using information obtained from the web management interface | TP-Link Systems Inc. | Omada gateways | - | - | 2025-10-21 00:21:43 |
| CVE-2025-41718 | Murrelektronik: Unprotected Transport of Credentials | Murrelektronik | Firmware Impact67 Pro 54630 | High | 7.5 | 2025-10-14 08:25:52 |
| CVE-2025-11666 | Tenda RP3 Pro Firmware Update force_upgrade.sh hard-coded password | Tenda | RP3 Pro | Medium | 6.7 | 2025-10-13 07:02:07 |
| CVE-2025-9947 | Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter | kunalnagar | Custom 404 Pro | Medium | 4.9 | 2025-10-11 09:28:42 |
| CVE-2025-6439 | WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Deletion | JMA Plugins | WooCommerce Designer Pro | Critical | 9.8 | 2025-10-11 09:28:38 |
| CVE-2025-11171 | Chartify – WordPress Chart Plugin <= 3.5.9 - Missing Authentication for Administrative Function | ays-pro | Chartify – WordPress Chart Plugin | Medium | 5.3 | 2025-10-08 05:24:49 |
| CVE-2025-11195 | Rapid7 AppSpider Project Name Validation Bypass | Rapid7 | AppSpider Pro | Low | 3.3 | 2025-09-30 18:12:50 |
| CVE-2024-13150 | SQLi in Fayton Software's fayton.pro ERP | Fayton Software and Consulting Services | fayton.pro ERP | Critical | 9.8 | 2025-09-29 12:59:49 |
| CVE-2025-60219 | WordPress WooCommerce Designer Pro Plugin <= 1.9.24 - Arbitrary File Upload Vulnerability | HaruTheme | WooCommerce Designer Pro | Critical | 10.0 | 2025-09-26 08:32:14 |
| CVE-2025-60166 | WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability | wpshuffle | WP Subscription Forms PRO | Medium | 4.3 | 2025-09-26 08:32:03 |
| CVE-2025-10988 | YunaiV ruoyi-vue-pro transfer improper authorization | YunaiV | ruoyi-vue-pro | Medium | 6.3 | 2025-09-26 00:32:07 |
| CVE-2025-36857 | Rapid7 Appspider Broken Access Control Vulnerability | Rapid7 | Appspider Pro | Low | 3.3 | 2025-09-25 14:41:36 |
| CVE-2025-57947 | WordPress Photo Gallery by Ays Plugin <= 6.3.8 - Cross Site Scripting (XSS) Vulnerability | Ays Pro | Photo Gallery by Ays | Medium | 6.5 | 2025-09-22 18:24:54 |