| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-63012 | WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Request Forgery (CSRF) vulnerability | ThimPress | WP Hotel Booking | Medium | 4.3 | 2025-12-09 14:52:28 | Deep Dive |
| CVE-2025-63013 | WordPress WP Hotel Booking plugin <= 2.2.7 - Sensitive Data Exposure vulnerability | ThimPress | WP Hotel Booking | Medium | 4.3 | 2025-12-09 14:52:28 | Deep Dive |
| CVE-2025-67594 | WordPress Thim Elementor Kit plugin <= 1.3.3 - Insecure Direct Object References (IDOR) vulnerability | ThimPress | Thim Elementor Kit | Medium | 4.3 | 2025-12-09 14:14:18 | Deep Dive |
| CVE-2025-67573 | WordPress Sailing theme < 4.4.6 - Broken Access Control vulnerability | ThimPress | Sailing | - | - | 2025-12-09 14:14:13 | Deep Dive |
| CVE-2025-67536 | WordPress LearnPress plugin <= 4.2.9.4 - Cross Site Scripting (XSS) vulnerability | ThimPress | LearnPress | - | - | 2025-12-09 14:14:04 | Deep Dive |
| CVE-2025-67526 | WordPress Sailing theme < 4.4.6 - Local File Inclusion vulnerability | ThimPress | Sailing | High | 7.5 | 2025-12-09 14:14:00 | Deep Dive |
| CVE-2025-11368 | LearnPress – WordPress LMS Plugin <= 4.2.9.4 - Missing Authorization to Unauthenticated Arbitrary Callback Execution to Information Exposure | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Medium | 5.3 | 2025-11-21 05:32:05 | Deep Dive |
| CVE-2025-60200 | WordPress LearnPress Export Import plugin <= 4.1.2 - Local File Inclusion vulnerability | ThimPress | LearnPress Export Import | High | 7.5 | 2025-11-06 15:55:00 | Deep Dive |
| CVE-2025-54721 | WordPress Resca theme <= 3.0.2 - Cross Site Scripting (XSS) vulnerability | ThimPress | Resca | 中危 | - | 2025-11-06 15:54:16 | Deep Dive |
| CVE-2025-64195 | WordPress Eduma theme <= 5.7.6 - Local File Inclusion vulnerability | ThimPress | Eduma | - | - | 2025-10-29 08:38:04 | Deep Dive |
| CVE-2025-64194 | WordPress Eduma theme <= 5.7.6 - Cross Site Scripting (XSS) vulnerability | ThimPress | Eduma | - | - | 2025-10-29 08:38:04 | Deep Dive |
| CVE-2025-60227 | WordPress WP Pipes plugin <= 1.4.3 - Arbitrary File Deletion vulnerability | ThimPress | WP Pipes | High | 8.6 | 2025-10-22 14:32:46 | Deep Dive |
| CVE-2025-49992 | WordPress LearnPress Export Import plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability | ThimPress | LearnPress Export Import | - | - | 2025-10-22 14:32:22 | Deep Dive |
| CVE-2025-11372 | LearnPress – WordPress LMS Plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Medium | 6.5 | 2025-10-18 06:42:49 | Deep Dive |
| CVE-2025-57987 | WordPress WP Events Manager Plugin <= 2.2.1 - Broken Access Control Vulnerability | ThimPress | WP Events Manager | Medium | 5.3 | 2025-09-22 18:24:25 | Deep Dive |
| CVE-2025-28977 | WordPress WP Pipes Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability | ThimPress | WP Pipes | High | 7.1 | 2025-08-20 08:03:48 | Deep Dive |
| CVE-2025-28979 | WordPress WP Pipes <= 1.4.3 - Local File Inclusion Vulnerability | ThimPress | WP Pipes | High | 8.1 | 2025-08-14 10:34:34 | Deep Dive |
| CVE-2025-28982 | WordPress WP Pipes plugin <= 1.4.3 - SQL Injection Vulnerability | ThimPress | WP Pipes | Critical | 9.3 | 2025-07-16 11:28:11 | Deep Dive |
| CVE-2025-48267 | WordPress WP Pipes plugin <= 1.4.2 - Arbitrary File Deletion Vulnerability | ThimPress | WP Pipes | High | 8.6 | 2025-06-09 15:53:56 | Deep Dive |
| CVE-2025-48336 | WordPress Course Builder < 3.6.6 - PHP Object Injection Vulnerability | ThimPress | Course Builder | Critical | 9.8 | 2025-05-29 18:54:34 | Deep Dive |