| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-29973 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Microsoft | Azure File Sync | High | 7.0 | 2025-05-13 16:58:35 | Deep Dive |
| CVE-2025-3915 | Aeropage Sync for Airtable <= 3.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion | aeropage | Aeropage Sync for Airtable | Medium | 4.3 | 2025-04-26 05:34:25 | Deep Dive |
| CVE-2025-3914 | Aeropage Sync for Airtable <= 3.2.0 - Authenticated (Subscriber+) Arbitrary File Upload | aeropage | Aeropage Sync for Airtable | High | 8.8 | 2025-04-26 05:34:24 | Deep Dive |
| CVE-2025-39381 | WordPress KiotViet Sync plugin <= 1.8.5 - CSRF to Stored XSS vulnerability | Kiotviet | KiotViet Sync | High | 7.1 | 2025-04-24 16:08:38 | Deep Dive |
| CVE-2025-32573 | WordPress KiotViet Sync Plugin <= 1.8.4 - SQL Injection vulnerability | Kiotviet | KiotViet Sync | High | 8.5 | 2025-04-17 15:47:26 | Deep Dive |
| CVE-2025-32579 | WordPress Sync Posts Plugin <= 1.0 - Arbitrary File Upload vulnerability | SoftClever Limited | Sync Posts | Critical | 9.9 | 2025-04-11 08:42:57 | Deep Dive |
| CVE-2025-32524 | WordPress MyWorks WooCommerce Sync for QuickBooks Online plugin <= 2.9.1 - Reflected Cross Site Scripting (XSS) vulnerability | MyWorks | MyWorks WooCommerce Sync for QuickBooks Online | High | 7.1 | 2025-04-11 08:42:53 | Deep Dive |
| CVE-2025-31599 | WordPress Bulk Product Sync plugin <= 8.6 - SQL Injection vulnerability | N-Media | Bulk Product Sync | Critical | 9.3 | 2025-04-11 08:42:51 | Deep Dive |
| CVE-2025-31619 | WordPress Actionwear products sync plugin <= 2.3.3 - SQL Injection vulnerability | marcoingraiti | Actionwear products sync | High | 8.5 | 2025-04-01 20:58:15 | Deep Dive |
| CVE-2025-31852 | WordPress Bulk Product Sync plugin <= 8.6 - Cross Site Request Forgery (CSRF) vulnerability | N-Media | Bulk Product Sync | Medium | 4.3 | 2025-04-01 14:52:01 | Deep Dive |
| CVE-2025-28892 | WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability | a2rocklobster | FTP Sync | High | 7.1 | 2025-03-11 21:00:48 | Deep Dive |
| CVE-2024-53695 | HBS 3 Hybrid Backup Sync | QNAP Systems Inc. | HBS 3 Hybrid Backup Sync | 中危 | - | 2025-03-07 16:13:43 | Deep Dive |
| CVE-2025-25119 | WordPress Woocommerce osCommerce Sync plugin <= 2.0.20 - Cross Site Scripting (XSS) vulnerability | Alejandro Aranda | Woocommerce osCommerce Sync | High | 7.1 | 2025-03-03 13:30:24 | Deep Dive |
| CVE-2024-13634 | Post Sync <= 1.1 - Reflected XSS | Unknown | Post Sync | 中危 | - | 2025-02-26 06:00:11 | Deep Dive |
| CVE-2024-45674 | IBM Security Verify Bridge information disclosure | IBM | Security Verify Bridge Directory Sync | Low | 3.3 | 2025-02-21 23:29:17 | Deep Dive |
| CVE-2024-45673 | IBM Security Verify Bridge information disclosure | IBM | Security Verify Bridge Directory Sync | Medium | 5.5 | 2025-02-21 16:45:51 | Deep Dive |
| CVE-2024-13535 | Actionwear products sync <= 2.3.2 - Unauthenticated Full Patch Disclosure | marcoingraiti | Actionwear products sync | Medium | 5.3 | 2025-02-18 04:21:17 | Deep Dive |
| CVE-2025-23486 | WordPress Database Sync plugin <= 0.5.1 - Sensitive Data Exposure vulnerability | tamlyn | Database Sync | Medium | 6.5 | 2025-01-22 14:31:57 | Deep Dive |
| CVE-2025-23778 | WordPress User Sync ActiveCampaign plugin <= 1.3.2 - Broken Access Control vulnerability | Pravin Durugkar | User Sync ActiveCampaign | Medium | 5.4 | 2025-01-16 20:06:58 | Deep Dive |
| CVE-2024-12152 | MIPL WC Multisite Sync <= 1.1.5 - Unauthenticated Arbitrary File Download | mulika | MIPL Multistore Sync for WooCommerce. Sync Products, Stock and Orders. | High | 7.5 | 2025-01-07 09:22:16 | Deep Dive |