| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-8411 | XSS in Dokuzsoft Technology's E-Commerce Web Design Product | Dokuzsoft Technology | E-Commerce Web Design Product | High | 7.1 | 2025-09-17 11:17:58 | Deep Dive |
| CVE-2025-54731 | WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability | emarket-design | YouTube Showcase | High | 8.1 | 2025-08-28 12:37:38 | Deep Dive |
| CVE-2025-53584 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | High | 8.1 | 2025-08-28 12:37:33 | Deep Dive |
| CVE-2025-53583 | WordPress Employee Spotlight Plugin <= 5.1.1 - PHP Object Injection Vulnerability | emarket-design | Employee Spotlight | High | 8.1 | 2025-08-28 12:37:32 | Deep Dive |
| CVE-2025-53572 | WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability | emarket-design | WP Easy Contact | High | 8.1 | 2025-08-28 12:37:30 | Deep Dive |
| CVE-2025-53243 | WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability | emarket-design | Employee Directory – Staff Listing & Team Directory Plugin for WordPress | High | 8.1 | 2025-08-28 12:37:23 | Deep Dive |
| CVE-2025-0951 | LiquidThemes Themes <= Various Versions - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated | LiquidThemes | AI Hub - Startup & Technology WordPress Theme | Medium | 4.3 | 2025-08-28 03:42:43 | Deep Dive |
| CVE-2025-8314 | Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Project Management, Bug and Issue Tracking Plugin – Software Issue Manager | Medium | 6.4 | 2025-08-12 04:25:41 | Deep Dive |
| CVE-2025-8420 | Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution | emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | High | 8.1 | 2025-08-06 02:24:12 | Deep Dive |
| CVE-2025-8295 | Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Employee Directory – Staff & Team Directory | Medium | 6.4 | 2025-08-05 07:24:16 | Deep Dive |
| CVE-2025-8313 | Campus Directory <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | Medium | 6.4 | 2025-08-05 06:39:49 | Deep Dive |
| CVE-2025-8315 | WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact | Medium | 6.4 | 2025-08-05 06:39:48 | Deep Dive |
| CVE-2025-33077 | IBM Engineering Systems Design Rhapsody code execution | IBM | Engineering Systems Design Rhapsody | High | 8.8 | 2025-07-23 14:49:24 | Deep Dive |
| CVE-2025-33076 | IBM Engineering Systems Design Rhapsody code execution | IBM | Engineering Systems Design Rhapsody | High | 8.8 | 2025-07-23 14:48:56 | Deep Dive |
| CVE-2025-33020 | IBM Engineering Systems Design Rhapsody information disclosure | IBM | Engineering Systems Design Rhapsody | Medium | 5.9 | 2025-07-23 14:47:29 | Deep Dive |
| CVE-2025-5842 | Modern Design Library <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via class Parameter | butterflymedia | Modern Design Library | Medium | 6.4 | 2025-06-26 09:22:02 | Deep Dive |
| CVE-2025-5540 | Event RSVP and Simple Event Management Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Event RSVP and Simple Event Management Plugin | Medium | 6.4 | 2025-06-26 02:06:36 | Deep Dive |
| CVE-2025-52822 | WordPress WP Roadmap plugin <= 2.1.3 - SQL Injection vulnerability | Iqonic Design | WP Roadmap | High | 8.5 | 2025-06-20 15:03:39 | Deep Dive |
| CVE-2023-26001 | WordPress Next Event Calendar plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability | Marchetti Design | Next Event Calendar | Medium | 5.9 | 2025-06-06 12:54:43 | Deep Dive |
| CVE-2025-5539 | Simplify Contact Management: WP Easy Contact <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact | Medium | 6.4 | 2025-06-04 04:22:42 | Deep Dive |