| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-39460 | WordPress Eduma theme <= 5.6.4 - Broken Access Control vulnerability | ThimPress | Eduma | Medium | 5.3 | 2025-05-19 17:30:45 | Deep Dive |
| CVE-2025-47664 | WordPress WP Pipes plugin <= 1.4.3 - Server Side Request Forgery (SSRF) Vulnerability | ThimPress | WP Pipes | Medium | 4.4 | 2025-05-07 14:20:49 | Deep Dive |
| CVE-2025-47448 | WordPress WP Hotel Booking plugin <= 2.1.9 - Cross Site Request Forgery (CSRF) Vulnerability | ThimPress | WP Hotel Booking | Medium | 4.3 | 2025-05-07 14:19:35 | Deep Dive |
| CVE-2025-39470 | WordPress Ivy School theme <= 1.6.0 - Local File Inclusion Vulnerability | ThimPress | Ivy School | High | 8.1 | 2025-04-18 04:30:32 | Deep Dive |
| CVE-2025-22739 | WordPress LearnPress plugin <= 4.2.7.5 - Broken Access Control vulnerability | ThimPress | LearnPress | Medium | 5.3 | 2025-03-27 21:46:01 | Deep Dive |
| CVE-2025-24740 | WordPress Learnpress plugin <= 4.2.7.1 - Open Redirection vulnerability | ThimPress | LearnPress | Medium | 4.7 | 2025-01-27 14:22:18 | Deep Dive |
| CVE-2025-24601 | WordPress FundPress plugin <= 2.0.6 - PHP Object Injection vulnerability | ThimPress | FundPress | Critical | 9.8 | 2025-01-27 13:59:49 | Deep Dive |
| CVE-2024-13599 | LearnPress – WordPress LMS Plugin <= 4.2.7.5 - Authenticated (LP Instructor+) Stored Cross-Site Scripting via Lesson Name | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Medium | 6.4 | 2025-01-25 07:24:16 | Deep Dive |
| CVE-2025-24725 | WordPress Thim Elementor Kit Plugin <= 1.2.8 - Broken Access Control vulnerability | ThimPress | Thim Elementor Kit | Medium | 4.3 | 2025-01-24 17:25:16 | Deep Dive |
| CVE-2024-13447 | WP Hotel Booking <= 2.1.6 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval | thimpress | WP Hotel Booking | Medium | 4.3 | 2025-01-22 11:07:58 | Deep Dive |
| CVE-2024-12370 | WP Hotel Booking <= 2.1.5 - Missing Authorization | thimpress | WP Hotel Booking | Medium | 5.3 | 2025-01-17 08:25:38 | Deep Dive |
| CVE-2025-22312 | WordPress Thim Elementor Kit plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability | ThimPress | Thim Elementor Kit | Medium | 6.5 | 2025-01-07 10:48:55 | Deep Dive |
| CVE-2024-12283 | WP Pipes <= 1.4.1 - Reflected Cross-Site Scripting via x1 Parameter | thimpress | WP Pipes | Medium | 6.1 | 2024-12-11 08:57:29 | Deep Dive |
| CVE-2024-11868 | LearnPress – WordPress LMS Plugin <= 4.2.7.3 - Course Material Sensitive Information Exposure via REST API | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Medium | 5.3 | 2024-12-10 12:25:00 | Deep Dive |
| CVE-2024-9609 | LearnPress Export Import – WordPress extension for LearnPress <= 4.0.4 - Reflected Cross-Site Scripting | thimpress | LearnPress – Backup & Migration Tool | Medium | 6.1 | 2024-11-15 04:29:06 | Deep Dive |
| CVE-2024-51582 | WordPress WP Hotel Booking plugin <= 2.2.9 - Local File Inclusion vulnerability | ThimPress | WP Hotel Booking | High | 7.5 | 2024-11-04 13:38:39 | Deep Dive |
| CVE-2024-7855 | WP Hotel Booking <= 2.1.2 - Authenticated (Subscriber+) Arbitrary File Upload | thimpress | WP Hotel Booking | High | 8.8 | 2024-10-02 04:31:18 | Deep Dive |
| CVE-2024-8522 | LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_only_fields' | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Critical | 10.0 | 2024-09-12 08:30:47 | Deep Dive |
| CVE-2024-8529 | LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_fields' | thimpress | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | Critical | 10.0 | 2024-09-12 08:30:46 | Deep Dive |
| CVE-2024-7717 | WP Events Manager <= 2.1.11 - Authenticated (Subscriber+) Time-Based SQL Injection | thimpress | WP Events Manager | High | 8.8 | 2024-08-31 08:35:19 | Deep Dive |