| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-5717 | Authenticated Remote Code Execution in Multiple WSO2 Products via Event Processor Admin Service | WSO2 | WSO2 API Manager | Medium | 6.8 | 2025-09-23 16:05:20 | Deep Dive |
| CVE-2025-4760 | Authenticated Stored Cross-Site Scripting (XSS) in Multiple WSO2 Products via API Document Upload in Publisher | WSO2 | WSO2 API Manager | Medium | 4.8 | 2025-09-23 14:55:05 | Deep Dive |
| CVE-2024-4598 | Information Disclosure in Multiple WSO2 Products Due to Improper Handling in Enrich Mediator | WSO2 | WSO2 API Manager | Medium | 6.5 | 2025-09-23 10:39:16 | Deep Dive |
| CVE-2025-57904 | WordPress Sales Count Manager for WooCommerce plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability | WP-EXPERTS.IN | Sales Count Manager for WooCommerce | Medium | 5.9 | 2025-09-22 18:25:25 | Deep Dive |
| CVE-2025-57913 | WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability | eleopard | Behance Portfolio Manager | Medium | 6.5 | 2025-09-22 18:25:19 | Deep Dive |
| CVE-2025-57921 | WordPress Frontend File Manager plugin <= 23.3 - Broken Access Control vulnerability | N-Media | Frontend File Manager | Medium | 5.3 | 2025-09-22 18:25:12 | Deep Dive |
| CVE-2025-57936 | WordPress Subresource Integrity (SRI) Manager Plugin <= 0.4.0 - Broken Access Control Vulnerability | Meitar | Subresource Integrity (SRI) Manager | Medium | 4.3 | 2025-09-22 18:25:02 | Deep Dive |
| CVE-2025-57987 | WordPress WP Events Manager Plugin <= 2.2.1 - Broken Access Control Vulnerability | ThimPress | WP Events Manager | Medium | 5.3 | 2025-09-22 18:24:25 | Deep Dive |
| CVE-2025-57998 | WordPress E-namad & Shamed Logo Manager Plugin <= 2.2 - Cross Site Scripting (XSS) Vulnerability | Hamid Reza Yazdani | E-namad & Shamed Logo Manager | Medium | 5.9 | 2025-09-22 18:24:17 | Deep Dive |
| CVE-2025-58222 | WordPress Team Manager plugin <= 2.5.1 - Broken Access Control vulnerability | Maidul | Team Manager | Medium | 5.3 | 2025-09-22 18:23:48 | Deep Dive |
| CVE-2025-58234 | WordPress JS Job Manager Plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability | JoomSky | JS Job Manager | Medium | 6.5 | 2025-09-22 18:23:40 | Deep Dive |
| CVE-2025-58253 | WordPress Real Estate Manager Plugin <= 7.3 - Cross Site Scripting (XSS) Vulnerability | Rameez Iqbal | Real Estate Manager | Medium | 6.5 | 2025-09-22 18:23:27 | Deep Dive |
| CVE-2025-58265 | WordPress Events Manager – OpenStreetMaps Plugin <= 4.2.1 - Cross Site Scripting (XSS) Vulnerability | Stonehenge Creations | Events Manager – OpenStreetMaps | Medium | 6.5 | 2025-09-22 18:23:18 | Deep Dive |
| CVE-2025-58269 | WordPress WP Project Manager Plugin <= 2.6.25 - Sensitive Data Exposure Vulnerability | weDevs | WP Project Manager | Medium | 5.3 | 2025-09-22 18:23:16 | Deep Dive |
| CVE-2025-53692 | Sitecore Experience Platform Cross-Site Scripting Vulnerability | Sitecore | Sitecore Experience Manager (XM) | High | 7.1 | 2025-09-21 19:42:47 | Deep Dive |
| CVE-2025-9949 | Internal Links Manager <= 3.0.1 - Cross-Site Request Forgery | webraketen | Internal Links Manager | Medium | 4.3 | 2025-09-20 04:27:57 | Deep Dive |
| CVE-2025-10002 | ClickWhale <= 2.5.0 - Authenticated (Admin+) SQL injection | clickwhale | ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages | Medium | 4.9 | 2025-09-20 04:27:56 | Deep Dive |
| CVE-2025-36248 | IBM Copy Services Manager cross-site scripting | IBM | Copy Services Manager | Medium | 6.1 | 2025-09-19 16:22:40 | Deep Dive |
| CVE-2025-10146 | Download Manager <= 3.3.23 - Reflected Cross-Site Scripting via `user_ids` Parameter | codename065 | Download Manager | Medium | 6.1 | 2025-09-19 04:27:04 | Deep Dive |
| CVE-2024-25011 | Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability | Ericsson | Ericsson Catalog Manager | Medium | 5.3 | 2025-09-18 11:38:18 | Deep Dive |