| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-24771 | WordPress Content Manager Light plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability | OTWthemes | Content Manager Light | High | 7.1 | 2025-07-04 11:18:11 | Deep Dive |
| CVE-2025-48123 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Remote Code Execution (RCE) Vulnerability | Holest Engineering | Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | Critical | 10.0 | 2025-06-09 15:54:06 | Deep Dive |
| CVE-2025-48122 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - SQL Injection Vulnerability | Holest Engineering | Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | Critical | 9.3 | 2025-06-09 15:54:06 | Deep Dive |
| CVE-2025-48124 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Arbitrary File Download Vulnerability | Holest Engineering | Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | High | 7.5 | 2025-06-09 15:54:05 | Deep Dive |
| CVE-2025-48129 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Privilege Escalation Vulnerability | Holest Engineering | Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | Critical | 9.8 | 2025-06-09 15:54:03 | Deep Dive |
| CVE-2025-30995 | WordPress Widgetize Pages Light plugin <= 3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | OTWthemes | Widgetize Pages Light | High | 7.1 | 2025-06-06 12:54:01 | Deep Dive |
| CVE-2025-47647 | WordPress Sidebar Manager Light plugin <= 1.18 - Cross Site Request Forgery (CSRF) Vulnerability | OTWthemes | Sidebar Manager Light | Medium | 4.3 | 2025-05-07 14:20:43 | Deep Dive |
| CVE-2025-39378 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Local File Inclusion vulnerability | Holest Engineering | Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | High | 7.5 | 2025-04-24 16:08:39 | Deep Dive |
| CVE-2025-32115 | WordPress Popping Content Light plugin <= 2.4 - Reflected Cross Site Scripting (XSS) vulnerability | OTWthemes | Popping Content Light | High | 7.1 | 2025-04-10 08:09:41 | Deep Dive |
| CVE-2025-32117 | WordPress Widgetize Pages Light plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability | OTWthemes | Widgetize Pages Light | High | 7.1 | 2025-04-08 16:59:34 | Deep Dive |
| CVE-2025-32112 | WordPress Sidebar Manager Light plugin <= 1.18 - CSRF to Stored XSS vulnerability | OTWthemes | Sidebar Manager Light | High | 7.1 | 2025-04-04 15:58:19 | Deep Dive |
| CVE-2025-31768 | WordPress Widget Manager Light plugin <= 1.18 - Broken Access Control vulnerability | OTWthemes | Widget Manager Light | Medium | 6.5 | 2025-04-03 13:27:14 | Deep Dive |
| CVE-2025-31770 | WordPress Content Manager Light plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability | OTWthemes | Content Manager Light | Medium | 6.5 | 2025-04-01 14:51:19 | Deep Dive |
| CVE-2025-2189 | Information Disclosure Vulnerability in Tinxy Smart Devices | Mogify Infotech | Tinxy Wi-Fi Lock Controller v1 RF | 中危 | - | 2025-03-11 11:40:20 | Deep Dive |
| CVE-2024-13614 | Kaspersky多款产品 安全漏洞 | Kaspersky | Kaspersky Anti-Virus SDK for Windows | Medium | 5.3 | 2025-02-06 16:13:08 | Deep Dive |
| CVE-2025-22313 | WordPress Widgetize Pages Light plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability | OTWthemes | Widgetize Pages Light | High | 7.1 | 2025-01-09 15:39:32 | Deep Dive |
| CVE-2023-48776 | WordPress canvasio3D Light plugin <= 2.5.0 - Broken Access Control vulnerability | virtuellwerk | canvasio3D Light | 中危 | - | 2024-12-09 11:30:25 | Deep Dive |
| CVE-2024-49689 | WordPress HD Quiz – Save Results Light plugin <= 0.5 - Broken Access Control vulnerability | Harmonic Design | HD Quiz – Save Results Light | Medium | 5.4 | 2024-11-19 16:30:40 | Deep Dive |
| CVE-2024-52432 | WordPress NIX Anti-Spam Light plugin <= 0.0.4 - PHP Object Injection vulnerability | NIX Solutions Ltd | NIX Anti-Spam Light | Critical | 9.8 | 2024-11-18 14:24:50 | Deep Dive |
| CVE-2024-9848 | Product Customizer Light <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | k2servicecom | Product Customizer Light | Medium | 6.4 | 2024-10-18 04:32:50 | Deep Dive |