| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-13576 | code-projects Blog Site admin.php improper authorization | code-projects | Blog Site | Medium | 6.3 | 2025-11-24 01:02:07 | Deep Dive |
| CVE-2025-13575 | code-projects Blog Site Category blog.php category_exists sql injection | code-projects | Blog Site | Medium | 6.3 | 2025-11-24 00:32:06 | Deep Dive |
| CVE-2025-60199 | WordPress InHype - Blog & Magazine WordPress Theme theme <= 1.5.2 - Local File Inclusion vulnerability | dedalx | InHype - Blog & Magazine WordPress Theme | High | 8.1 | 2025-11-06 15:54:57 | Deep Dive |
| CVE-2025-60198 | WordPress Saxon - Viral Content Blog & Magazine Marketing WordPress Theme theme <= 1.9.3 - Local File Inclusion vulnerability | dedalx | Saxon - Viral Content Blog & Magazine Marketing WordPress Theme | 中危 | - | 2025-11-06 15:54:56 | Deep Dive |
| CVE-2025-58711 | WordPress Blog Designer PRO plugin <= 3.4.8 - Broken Access Control vulnerability | solwin | Blog Designer PRO | Medium | 5.3 | 2025-10-29 08:38:02 | Deep Dive |
| CVE-2025-12305 | quequnlong shiyi-blog Job SysJobController.java deserialization | quequnlong | shiyi-blog | Medium | 6.3 | 2025-10-27 18:32:08 | Deep Dive |
| CVE-2025-62958 | WordPress Simple Content Templates for Blog Posts & Pages plugin <= 2.2.61 - Cross Site Request Forgery (CSRF) vulnerability | Clifton Griffin | Simple Content Templates for Blog Posts & Pages | Medium | 4.3 | 2025-10-27 01:34:11 | Deep Dive |
| CVE-2025-11257 | LLM Hubspot Blog Import <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Hubspot Import | limelightmarketing | LLM Hubspot Blog Import | Medium | 4.3 | 2025-10-24 08:24:01 | Deep Dive |
| CVE-2025-11504 | Quickcreator – AI Blog Writer 0.0.9 - 0.1.17 - Unauthenticated API Key Exposure | quickcreator | Quickcreator – AI Blog Writer | High | 7.5 | 2025-10-24 08:23:59 | Deep Dive |
| CVE-2025-57990 | WordPress Blog Designer Plugin <= 3.1.8 - Broken Access Control Vulnerability | solwininfotech | Blog Designer | Medium | 5.4 | 2025-09-22 18:24:23 | Deep Dive |
| CVE-2025-8481 | Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid <= 1.1.7 - Cross-Site Request Forgery | mdimran41 | Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid | Medium | 4.3 | 2025-09-11 07:24:58 | Deep Dive |
| CVE-2025-47694 | WordPress Blog Designer PRO plugin <= 3.4.7 - Reflected Cross Site Scripting (XSS) vulnerability | solwin | Blog Designer PRO | High | 7.1 | 2025-09-09 16:25:26 | Deep Dive |
| CVE-2025-47695 | WordPress Blog Designer PRO plugin <= 3.4.7 - Authenticated Non-Arbitrary Local File Inclusion vulnerability | solwin | Blog Designer PRO | High | 7.5 | 2025-09-09 16:25:25 | Deep Dive |
| CVE-2025-58365 | XWiki Blog Application: Privilege Escalation (PR) from account through blog content | xwiki-contrib | application-blog | - | - | 2025-09-08 21:19:09 | Deep Dive |
| CVE-2025-9929 | code-projects Responsive Blog Site blogs_view.php cross site scripting | code-projects | Responsive Blog Site | Low | 2.4 | 2025-09-03 21:32:07 | Deep Dive |
| CVE-2025-47696 | WordPress Blog Designer PRO plugin <= 3.4.7 - Unauthenticated Non-Arbitrary Local File Inclusion vulnerability | solwin | Blog Designer PRO | High | 8.1 | 2025-08-31 03:48:04 | Deep Dive |
| CVE-2025-9151 | LiuYuYang01 ThriveX-Blog web updateJsonValueByName improper authorization | LiuYuYang01 | ThriveX-Blog | Medium | 6.3 | 2025-08-19 18:02:06 | Deep Dive |
| CVE-2025-9101 | zhenfeng13 My-Blog Tag save cross site scripting | zhenfeng13 | My-Blog | Low | 3.5 | 2025-08-18 02:02:06 | Deep Dive |
| CVE-2025-9100 | zhenfeng13 My-Blog Frontend Blog Article Comment comment authentication replay | zhenfeng13 | My-Blog | Medium | 5.3 | 2025-08-18 01:32:06 | Deep Dive |
| CVE-2025-54740 | WordPress Print My Blog Plugin <= 3.27.9 - Cross Site Scripting (XSS) Vulnerability | Michael Nelson | Print My Blog | Medium | 6.5 | 2025-08-14 18:21:37 | Deep Dive |