| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-5425 | juzaweb CMS Theme Editor Page default access control | juzaweb | CMS | Medium | 6.3 | 2025-06-02 02:31:04 | Deep Dive |
| CVE-2025-5424 | juzaweb CMS Media Page media access control | juzaweb | CMS | Medium | 6.3 | 2025-06-02 02:00:16 | Deep Dive |
| CVE-2025-5423 | juzaweb CMS General Setting Page general access control | juzaweb | CMS | Medium | 6.3 | 2025-06-02 01:31:04 | Deep Dive |
| CVE-2025-5422 | juzaweb CMS Email Logs Page email access control | juzaweb | CMS | Medium | 4.3 | 2025-06-02 01:00:24 | Deep Dive |
| CVE-2025-5421 | juzaweb CMS Plugin Editor Page editor access control | juzaweb | CMS | Medium | 6.3 | 2025-06-02 00:31:04 | Deep Dive |
| CVE-2025-5420 | juzaweb CMS Profile Page upload cross site scripting | juzaweb | CMS | Low | 3.5 | 2025-06-02 00:00:15 | Deep Dive |
| CVE-2025-5383 | Yifang CMS Article Management Module cross site scripting | Yifang | CMS | Low | 2.4 | 2025-05-31 15:00:16 | Deep Dive |
| CVE-2025-5381 | Yifang CMS Admin Panel downloadFile path traversal | Yifang | CMS | Low | 2.7 | 2025-05-31 14:31:10 | Deep Dive |
| CVE-2025-5153 | CMS Made Simple Design Manager Module cross site scripting | - | CMS Made Simple | Low | 3.5 | 2025-05-25 17:31:05 | Deep Dive |
| CVE-2025-27566 | appleple a-blog cms 路径遍历漏洞 | appleple inc. | a-blog cms | Low | 3.8 | 2025-05-19 08:09:26 | Deep Dive |
| CVE-2025-32999 | appleple a-blog cms 跨站脚本漏洞 | appleple inc. | a-blog cms | Medium | 5.4 | 2025-05-19 08:08:52 | Deep Dive |
| CVE-2025-36560 | appleple a-blog cms 代码问题漏洞 | appleple inc. | a-blog cms | High | 8.6 | 2025-05-19 08:08:01 | Deep Dive |
| CVE-2025-41429 | appleple a-blog cms 安全漏洞 | appleple inc. | a-blog cms | Medium | 4.8 | 2025-05-19 08:07:38 | Deep Dive |
| CVE-2025-35939 | Craft CMS stores user-provided content in session files | Craft | CMS | Medium | 5.3 | 2025-05-07 22:41:30 | Deep Dive |
| CVE-2025-46736 | Umbraco Makes User Enumeration Feasible Based on Timing of Login Response | umbraco | Umbraco-CMS | Medium | 5.3 | 2025-05-06 17:08:24 | Deep Dive |
| CVE-2025-46731 | Craft CMS Contains a Potential Remote Code Execution Vulnerability via Twig SSTI | craftcms | cms | - | - | 2025-05-05 19:35:31 | Deep Dive |
| CVE-2025-3977 | iteachyou Dreamer CMS Attachment download improper authorization | iteachyou | Dreamer CMS | Medium | 4.3 | 2025-04-27 16:31:09 | Deep Dive |
| CVE-2025-32432 | Craft CMS Allows Remote Code Execution | craftcms | cms | Critical | 10.0 | 2025-04-25 15:04:06 | Deep Dive |
| CVE-2025-46457 | WordPress Wp Custom CMS Block plugin <= 2.1 - CSRF to Stored XSS vulnerability | Ahsanullah Akanda | Wp Custom CMS Block | High | 7.1 | 2025-04-24 16:09:07 | Deep Dive |
| CVE-2025-3691 | mirweiye Seven Bears Library CMS Add Link server-side request forgery | mirweiye | Seven Bears Library CMS | Low | 2.7 | 2025-04-16 13:00:15 | Deep Dive |