| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-53581 | WordPress RSS Feed Pro Plugin <= 1.1.8 - Cross Site Scripting (XSS) Vulnerability | artiosmedia | RSS Feed Pro | Medium | 5.9 | 2025-08-14 18:21:53 | Deep Dive |
| CVE-2025-54673 | WordPress Chartify plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerability | Ays Pro | Chartify | Medium | 4.3 | 2025-08-14 10:34:41 | Deep Dive |
| CVE-2025-52728 | WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability | WebCodingPlace | Responsive Posts Carousel Pro | High | 7.5 | 2025-08-14 10:34:02 | Deep Dive |
| CVE-2025-6184 | Tutor LMS Pro – eLearning and online course solution <= 3.7.0 - Authenticated (Tutor Instructor+) SQL Injection | themeum | Tutor LMS Pro | High | 8.8 | 2025-08-13 06:39:50 | Deep Dive |
| CVE-2025-0818 | Multiple elFinder Plugins <= (Various Versions) - Directory Traversal to Arbitrary File Deletion | ninjateam | File Manager Pro – Filester | Medium | 6.5 | 2025-08-13 03:42:05 | Deep Dive |
| CVE-2025-7622 | AXIS Camera Station和AXIS Camera Station Pro 安全漏洞 | Axis Communications AB | AXIS Camera Station Pro | - | - | 2025-08-12 05:09:24 | Deep Dive |
| CVE-2025-55077 | Tyler Technologies ERP Pro 9 SaaS application escape | Tyler Technologies | ERP Pro 9 SaaS | High | 7.4 | 2025-08-07 18:37:33 | Deep Dive |
| CVE-2025-7202 | Cross-Site Request Forgery (CSRF) allowed remote control of Elgato Key Lights | Elgato | Key Light | - | - | 2025-08-06 08:28:23 | Deep Dive |
| CVE-2012-10031 | BlazeVideo HDTV Player Pro 6.6.0.3 Filename Handling Buffer Overflow | BlazeVideo Inc. | HDTV Player Pro | - | - | 2025-08-05 20:00:16 | Deep Dive |
| CVE-2025-27212 | Ubiquiti多款产品 安全漏洞 | Ubiquiti Inc | UniFi Access Reader Pro | - | - | 2025-08-04 22:12:19 | Deep Dive |
| CVE-2025-7710 | Brave Conversion Engine (PRO) <= 0.7.7 - Authentication Bypass to Administrator | Brave | Brave Conversion Engine (PRO) | Critical | 9.8 | 2025-08-02 11:23:55 | Deep Dive |
| CVE-2025-43018 | Certain HP LaserJet Pro Printers – Potential Information Disclosure | HP, Inc. | Certain HP LaserJet Pro Printers | - | - | 2025-07-30 14:31:19 | Deep Dive |
| CVE-2025-7959 | Station Pro <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via width and height Parameters | marviorocha | Station Pro – Advanced Audio Streaming & Player for WordPress | Medium | 6.4 | 2025-07-24 09:22:23 | Deep Dive |
| CVE-2025-7444 | LoginPress Pro <= 5.0.1 - Authentication Bypass via WordPress.com OAuth provider | LoginPress | LoginPress Pro | Critical | 9.8 | 2025-07-18 08:22:39 | Deep Dive |
| CVE-2025-7438 | MasterStudy LMS – Online Courses, eLearning PRO Plus <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File Upload | StylemixThemes | MasterStudy LMS Pro | High | 7.5 | 2025-07-18 06:45:33 | Deep Dive |
| CVE-2025-34109 | Panda Security PSEvents.exe Insecure DLL Loading Privilege Escalation | Panda Security | Panda Global Protection 2016 | - | - | 2025-07-15 13:05:00 | Deep Dive |
| CVE-2025-6265 | Zyxel NWA50AX PRO 路径遍历漏洞 | Zyxel | NWA50AX PRO firmware | High | 7.2 | 2025-07-15 01:32:10 | Deep Dive |
| CVE-2024-26293 | Unauthenticated Path Traversal affecting Avid NEXIS | Avid | Avid NEXIS E-series | - | - | 2025-07-14 09:18:18 | Deep Dive |
| CVE-2024-26292 | Authenticated Arbitrary File Deletion affecting Avid NEXIS | Avid | Avid NEXIS E-series | - | - | 2025-07-14 08:19:59 | Deep Dive |
| CVE-2024-26291 | Authenticated Arbitrary File Read affecting Avid NEXIS | Avid | Avid NEXIS E-series | - | - | 2025-07-14 08:12:16 | Deep Dive |