| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-14437 | Hummingbird <= 3.18.0 - Unauthenticated Sensitive Information Exposure via Log File | wpmudev | Hummingbird Performance – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDN | High | 7.5 | 2025-12-18 12:22:27 | Deep Dive |
| CVE-2025-64189 | WordPress XStore Core plugin < 5.6 - Cross Site Scripting (XSS) vulnerability | 8theme | XStore Core | High | 7.1 | 2025-12-18 07:22:10 | Deep Dive |
| CVE-2025-60068 | WordPress Javo Core plugin <= 3.0.0.266 - Arbitrary Code Execution vulnerability | javothemes | Javo Core | Medium | 6.5 | 2025-12-18 07:22:05 | Deep Dive |
| CVE-2025-58877 | WordPress Javo Core plugin <= 3.0.0.529 - Arbitrary Content Deletion vulnerability | javothemes | Javo Core | High | 7.5 | 2025-12-18 07:21:52 | Deep Dive |
| CVE-2025-13532 | Weak Password Hash in Core Privileged Access Manager (BoKS) | Fortra | Core Privileged Access Manager (BoKS) | Medium | 6.2 | 2025-12-16 20:01:03 | Deep Dive |
| CVE-2025-68076 | WordPress Stockholm Core plugin <= 2.4.6 - Cross Site Scripting (XSS) vulnerability | Select-Themes | Stockholm Core | - | - | 2025-12-16 08:13:04 | Deep Dive |
| CVE-2025-68067 | WordPress Stockholm Core plugin <= 2.4.6 - Local File Inclusion vulnerability | Select-Themes | Stockholm Core | High | 7.5 | 2025-12-16 08:13:03 | Deep Dive |
| CVE-2025-68065 | WordPress Hub Core plugin <= 5.0.8 - Local File Inclusion vulnerability | LiquidThemes | Hub Core | High | 7.5 | 2025-12-16 08:13:01 | Deep Dive |
| CVE-2025-67965 | WordPress Homey Core plugin <= 2.4.3 - Broken Access Control vulnerability | favethemes | Homey Core | Medium | 5.3 | 2025-12-16 08:12:58 | Deep Dive |
| CVE-2025-59001 | WordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerability | ThemeNectar | Salient Core | Medium | 4.3 | 2025-12-16 08:12:47 | Deep Dive |
| CVE-2025-13363 | IMAQ Core <= 1.2.1 - Cross-Site Request Forgery to URL Structure Update | imaqpress | IMAQ CORE | Medium | 4.3 | 2025-12-12 03:20:48 | Deep Dive |
| CVE-2025-67509 | MySQLSelectTool Read-Only Bypass via SELECT INTO OUTFILE Allows Arbitrary File Write | neuron-core | neuron-ai | High | 8.2 | 2025-12-10 23:05:22 | Deep Dive |
| CVE-2025-67510 | MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”) | neuron-core | neuron-ai | Critical | 9.4 | 2025-12-10 22:55:21 | Deep Dive |
| CVE-2025-54100 | PowerShell Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.8 | 2025-12-09 17:56:10 | Deep Dive |
| CVE-2025-62221 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1809 | High | 7.8 | 2025-12-09 17:56:10 | Deep Dive |
| CVE-2025-64680 | Windows DWM Core Library Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.8 | 2025-12-09 17:56:09 | Deep Dive |
| CVE-2025-64679 | Windows DWM Core Library Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1507 | High | 7.8 | 2025-12-09 17:56:08 | Deep Dive |
| CVE-2025-64678 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Microsoft | Windows 10 Version 1607 | High | 8.8 | 2025-12-09 17:56:08 | Deep Dive |
| CVE-2025-64661 | Windows Shell Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1607 | High | 7.8 | 2025-12-09 17:56:06 | Deep Dive |
| CVE-2025-62570 | Windows Camera Frame Server Monitor Information Disclosure Vulnerability | Microsoft | Windows 11 Version 24H2 | High | 7.1 | 2025-12-09 17:56:05 | Deep Dive |