| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12971 | Folders <= 3.1.5 - Incorrect Authorization to Authenticated (Contributor+) Folder Content Manipulation | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 4.3 | 2025-11-27 12:31:01 | Deep Dive |
| CVE-2025-13382 | Frontend File Manager Plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming | nmedia | Frontend File Manager Plugin | Medium | 4.3 | 2025-11-25 07:28:24 | Deep Dive |
| CVE-2025-10554 | Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x | Dassault Systèmes | ENOVIA Product Manager | High | 8.7 | 2025-11-24 15:31:40 | Deep Dive |
| CVE-2025-12629 | Broken Link Manager <= 0.6.5 - Reflected XSS | Unknown | Broken Link Manager | - | - | 2025-11-24 06:00:07 | Deep Dive |
| CVE-2025-7402 | Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.95 - Unauthenticated SQL Injection via site_id | scripteo | Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager | High | 7.5 | 2025-11-24 04:36:41 | Deep Dive |
| CVE-2025-11446 | upKeeper Manager security vulnerability | upKeeper Solutions | upKeeper Manager | - | - | 2025-11-19 08:53:13 | Deep Dive |
| CVE-2025-12710 | Pet-Manager – Petfinder <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via kwm-petfinder Shortcode | kwmanagement | Pet-Manager – Petfinder | Medium | 6.4 | 2025-11-19 05:45:12 | Deep Dive |
| CVE-2025-12545 | Pixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more <= 1.49.2 - Unauthenticated Information Exposure | alekv | Pixel Manager for WooCommerce – Conversion Tracking, Google Ads, GA4, TikTok, Dynamic Remarketing | Medium | 5.3 | 2025-11-18 13:54:51 | Deep Dive |
| CVE-2025-9312 | Improper Certificate-Based Authentication Enforcement in Multiple WSO2 Products | WSO2 | WSO2 API Manager | Critical | 9.8 | 2025-11-18 12:05:22 | Deep Dive |
| CVE-2025-6670 | Cross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin Services | WSO2 | WSO2 Open Banking AM | High | 8.8 | 2025-11-18 11:28:37 | Deep Dive |
| CVE-2025-12937 | ACF Flexible Layouts Manager <= 1.1.6 - Missing Authorization to Unauthenticated Custom Field Update | valentinpellegrin | ACF Flexible Layouts Manager | Medium | 6.5 | 2025-11-18 08:27:34 | Deep Dive |
| CVE-2025-13319 | Authenticated SQL injection in API - Digi On-Prem Manager | Nettec AS | Digi On-Prem Manager | High | 8.8 | 2025-11-17 16:37:40 | Deep Dive |
| CVE-2025-8994 | WP Project Manager <= 2.6.26 - Authenticated (Subscriber+) SQL Injection via 'completed_at_operator' | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | Medium | 6.5 | 2025-11-15 05:45:34 | Deep Dive |
| CVE-2025-64275 | WordPress Booking Manager plugin <= 2.1.17 - Cross Site Scripting (XSS) vulnerability | wpdevelop | Booking Manager | Medium | 6.5 | 2025-11-13 09:24:31 | Deep Dive |
| CVE-2025-64271 | WordPress WP Plugin Manager plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability | HasThemes | WP Plugin Manager | Medium | 4.3 | 2025-11-13 09:24:31 | Deep Dive |
| CVE-2025-64265 | WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability | N-Media | Frontend File Manager | Medium | 4.3 | 2025-11-13 09:24:29 | Deep Dive |
| CVE-2025-10495 | Security vulnerability in multiple Lenovo products | Lenovo | App Store | High | 7.5 | 2025-11-12 19:18:45 | Deep Dive |
| CVE-2025-8421 | Lenovo Dock Manager security vulnerability | Lenovo | Dock Manager | Medium | 6.6 | 2025-11-12 19:18:00 | Deep Dive |
| CVE-2025-47179 | Configuration Manager Elevation of Privilege Vulnerability | Microsoft | Microsoft Configuration Manager | Medium | 6.7 | 2025-11-11 17:59:34 | Deep Dive |
| CVE-2025-10918 | Ivanti Endpoint Manager security vulnerability | Ivanti | Endpoint Manager | High | 7.1 | 2025-11-11 15:31:54 | Deep Dive |