| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4473 | Frontend Dashboard 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function | vinoth06 | Frontend Dashboard | High | 8.8 | 2025-05-13 06:40:55 | Deep Dive |
| CVE-2025-43004 | Security Misconfiguration Vulnerability in SAP Digital Manufacturing (Production Operator Dashboard) | SAP_SE | SAP Digital Manufacturing (Production Operator Dashboard) | Medium | 5.3 | 2025-05-13 00:18:35 | Deep Dive |
| CVE-2025-4104 | Frontend Dashboard 1.0 - 2.2.6 - Missing Authorization to Unauthenticated Privilege Escalation via fed_wp_ajax_fed_login_form_post Function | vinoth06 | Frontend Dashboard | Critical | 9.8 | 2025-05-07 09:21:45 | Deep Dive |
| CVE-2025-47423 | Personal Weather Station Dashboard 安全漏洞 | pwsdashboard | Personal Weather Station Dashboard | Medium | 5.8 | 2025-05-07 00:00:00 | Deep Dive |
| CVE-2025-3969 | codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload | codeprojects | News Publishing Site Dashboard | Medium | 6.3 | 2025-04-27 12:00:06 | Deep Dive |
| CVE-2025-3968 | codeprojects News Publishing Site Dashboard api.php sql injection | codeprojects | News Publishing Site Dashboard | Medium | 6.3 | 2025-04-27 11:00:07 | Deep Dive |
| CVE-2025-46248 | WordPress Frontend Dashboard plugin <= 2.2.5 - SQL Injection Vulnerability | M A Vinoth Kumar | Frontend Dashboard | Critical | 9.3 | 2025-04-24 16:08:29 | Deep Dive |
| CVE-2025-23906 | WordPress WordPress Dashboard Tweeter plugin <= 1.3.2 - Settings Change vulnerability | wpseek | WordPress Dashboard Tweeter | Medium | 6.5 | 2025-04-17 15:48:27 | Deep Dive |
| CVE-2025-39441 | WordPress Dashboard Notepads plugin <= 1.2.1 - CSRF to Stored XSS vulnerability | swedish boy | Dashboard Notepads | High | 7.1 | 2025-04-17 15:16:51 | Deep Dive |
| CVE-2025-1525 | Ultimate Dashboard < 3.8.6 - Admin+ Stored XSS | Unknown | Ultimate Dashboard | - | - | 2025-04-17 06:00:11 | Deep Dive |
| CVE-2025-1524 | Ultimate Dashboard < 3.8.6 - Admin+ Stored XSS | Unknown | Ultimate Dashboard | - | - | 2025-04-17 06:00:10 | Deep Dive |
| CVE-2025-1523 | Ultimate Dashboard < 3.8.6 - Admin+ Stored XSS | Unknown | Ultimate Dashboard | - | - | 2025-04-17 06:00:10 | Deep Dive |
| CVE-2025-20150 | Cisco Nexus Dashboard Username Enumeration Vulnerability | Cisco | Cisco Nexus Dashboard | Medium | 5.3 | 2025-04-16 16:07:30 | Deep Dive |
| CVE-2025-31014 | WordPress Material Dashboard plugin <= 1.4.5 - Local File Inclusion Vulnerability | Hossein | Material Dashboard | High | 7.5 | 2025-04-11 08:42:49 | Deep Dive |
| CVE-2025-32282 | WordPress ShareThis Dashboard for Google Analytics plugin <= 3.2.3 - Cross Site Request Forgery (CSRF) vulnerability | ShareThis | ShareThis Dashboard for Google Analytics | Medium | 4.3 | 2025-04-10 08:09:48 | Deep Dive |
| CVE-2025-32162 | WordPress Chamber Dashboard Business Directory plugin <= 3.3.11 - Cross Site Scripting (XSS) vulnerability | Morgan Kay | Chamber Dashboard Business Directory | Medium | 6.5 | 2025-04-04 15:58:44 | Deep Dive |
| CVE-2025-31097 | WordPress Material Dashboard plugin <= 1.4.5 - Local File Inclusion Vulnerability | Hossein | Material Dashboard | High | 8.1 | 2025-04-01 20:58:10 | Deep Dive |
| CVE-2025-31095 | WordPress Material Dashboard plugin <= 1.4.5 - Privilege Escalation Vulnerability | Hossein | Material Dashboard | Critical | 9.8 | 2025-04-01 05:31:42 | Deep Dive |
| CVE-2025-2276 | Ultimate Dashboard <= 3.8.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Modules Activation/Deactivation | davidvongries | Ultimate Dashboard – Custom WordPress Dashboard | Medium | 4.3 | 2025-03-25 23:22:01 | Deep Dive |
| CVE-2025-1507 | ShareThis Dashboard for Google Analytics <= 3.2.1 - Missing Authorization to Unauthenticated Feature Deactivation | sharethis | ShareThis Dashboard for Google Analytics | Medium | 5.3 | 2025-03-14 08:23:04 | Deep Dive |