| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2343 | PeproDev Ultimate Invoice <= 2.2.5 - Unauthenticated Invoice Archive Download | Unknown | PeproDev Ultimate Invoice | 中危 | - | 2026-03-25 06:00:02 | Deep Dive |
| CVE-2026-1969 | ThemeREX Addons < 2.38.5 - Unauthenticated Arbitrary File Upload | Unknown | trx_addons | 中危 | - | 2026-03-23 06:00:04 | Deep Dive |
| CVE-2025-15363 | Get Use APIs < 2.0.10 - Contributor+ Stored XSS | Unknown | Get Use APIs | 中危 | - | 2026-03-18 06:00:10 | Deep Dive |
| CVE-2026-2687 | Reading progressbar < 1.3.1 - Admin+ Stored XSS | Unknown | Reading progressbar | - | - | 2026-03-12 06:00:12 | Deep Dive |
| CVE-2025-15473 | Timetics < 1.0.52 - Unauthenticated Payment/Booking Status Update | Unknown | Timetics | - | - | 2026-03-12 06:00:11 | Deep Dive |
| CVE-2019-25474 | Easy MP3 Downloader 4.7.8.8 Denial of Service Buffer Overflow | Unknown | Easy MP3 Downloader Denial of Service | Medium | 6.2 | 2026-03-11 18:23:16 | Deep Dive |
| CVE-2026-2626 | Divi Booster < 5.0.2 - Unauthenticated PHP Object Injection | Unknown | divi-booster | - | - | 2026-03-11 06:00:11 | Deep Dive |
| CVE-2026-2631 | Datalogics Ecommerce Delivery < 2.6.60 - Unauthenticated Privilege Escalation | Unknown | Datalogics Ecommerce Delivery | - | - | 2026-03-11 06:00:11 | Deep Dive |
| CVE-2026-2466 | DukaPress <= 3.2.4 - Reflected XSS | Unknown | DukaPress | - | - | 2026-03-11 06:00:10 | Deep Dive |
| CVE-2026-1867 | WP Front User Submit < 5.0.6 - Unauthenticated Sensitive Information Exposure | Unknown | Guest posting / Frontend Posting / Front Editor | - | - | 2026-03-11 06:00:09 | Deep Dive |
| CVE-2026-1753 | Gutena Forms < 1.6.1 - Contributor+ Arbitrary Limited Options Update | Unknown | Gutena Forms | - | - | 2026-03-11 06:00:03 | Deep Dive |
| CVE-2026-1508 | Court Reservation < 1.10.9 - Event Deletion via CSRF | Unknown | Court Reservation | - | - | 2026-03-10 06:00:07 | Deep Dive |
| CVE-2026-2446 | Powerpack for LearnDash < 1.3.0 - Unauthenticated Arbitrary Option Update | Unknown | PowerPack for LearnDash | 超危 | - | 2026-03-06 06:00:04 | Deep Dive |
| CVE-2026-1128 | WP eCommerce <= 3.15.1 - Coupon Deletion via CSRF | Unknown | WP eCommerce | 中危 | - | 2026-03-06 06:00:03 | Deep Dive |
| CVE-2026-2418 | Login with Salesforce <= 1.0.2 - Unauthenticated Authentication Bypass | Unknown | Login with Salesforce | 中危 | - | 2026-03-05 06:00:03 | Deep Dive |
| CVE-2026-2025 | Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure | Unknown | Mail Mint | - | - | 2026-03-04 06:00:08 | Deep Dive |
| CVE-2026-1542 | Super Stage WP <= 1.0.1 - Unauthenticated PHP Object Injection | Unknown | Super Stage WP | 中危 | - | 2026-02-28 06:00:09 | Deep Dive |
| CVE-2025-15386 | Responsive Lightbox & Gallery < 2.6.1 - Unauthenticated Stored XSS | Unknown | Responsive Lightbox & Gallery | - | - | 2026-02-24 06:00:08 | Deep Dive |
| CVE-2026-1369 | Conditional CAPTCHA <= 4.0.0 - Open Redirect | Unknown | Conditional CAPTCHA | - | - | 2026-02-22 06:00:02 | Deep Dive |
| CVE-2026-1368 | Video Conferencing with Zoom API < 4.6.6 - Unauthenticated SDK Signature Generation | Unknown | Video Conferencing with Zoom | - | - | 2026-02-18 06:00:10 | Deep Dive |