| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-12173 | WP Admin Microblog <= 3.1.1 - Cross-Site Request Forgery to Message Creation | winkm89 | WP Admin Microblog | Medium | 4.3 | 2025-11-18 08:27:35 | Deep Dive |
| CVE-2025-12132 | WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update | larsactionhero | WP Custom Admin Login Page Logo | Medium | 4.3 | 2025-11-11 03:30:41 | Deep Dive |
| CVE-2025-62965 | WordPress Admin Management Xtended plugin <= 2.5.1 - Broken Access Control vulnerability | wpseek | Admin Management Xtended | Medium | 5.5 | 2025-10-27 01:34:13 | Deep Dive |
| CVE-2025-9804 | Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs | WSO2 | WSO2 Identity Server as Key Manager | High | 8.9 | 2025-10-16 12:33:45 | Deep Dive |
| CVE-2025-9955 | Improper Access Control in WSO2 Enterprise Integrator Product via SOAP Admin Services for Logs and User-Store Configuration | WSO2 | WSO2 Enterprise Integrator | Medium | 5.7 | 2025-10-16 12:14:56 | Deep Dive |
| CVE-2025-10162 | OrderConvo < 14 - Unauthenticated Arbitrary File Read | Unknown | Admin and Customer Messages After Order for WooCommerce: OrderConvo | - | - | 2025-10-07 06:00:05 | Deep Dive |
| CVE-2025-60185 | WordPress kontur Admin Style Plugin <= 1.0.4 - Cross Site Scripting (XSS) Vulnerability | kontur.us | kontur Admin Style | Medium | 5.9 | 2025-09-26 08:32:13 | Deep Dive |
| CVE-2025-57898 | WordPress WP Frontend Admin plugin <= 1.22.7 - Cross Site Scripting (XSS) vulnerability | Jose Vega | WP Frontend Admin | Medium | 6.5 | 2025-09-22 18:25:30 | Deep Dive |
| CVE-2025-9487 | Admin and Site Enhancements < 7.9.8 - Authenticated Stored XSS via SVG | Unknown | Admin and Site Enhancements (ASE) | - | - | 2025-09-22 06:00:14 | Deep Dive |
| CVE-2025-9623 | Admin in English with Switch <= 1.1 - Cross-Site Request Forgery | dontcare | Admin in English with Switch | Medium | 4.3 | 2025-09-11 07:24:58 | Deep Dive |
| CVE-2025-39553 | WordPress Church Admin plugin <= 5.0.9 - Sensitive Data Exposure vulnerability | andy_moyle | Church Admin | Medium | 4.3 | 2025-09-09 16:25:29 | Deep Dive |
| CVE-2025-9493 | Admin Menu Editor <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter | whiteshadow | Admin Menu Editor | Medium | 6.4 | 2025-09-06 03:22:37 | Deep Dive |
| CVE-2025-58865 | WordPress Compact Admin plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerability | reimund | Compact Admin | Medium | 4.3 | 2025-09-05 13:45:43 | Deep Dive |
| CVE-2025-48325 | WordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | shmish111 | WP Admin Theme | High | 7.1 | 2025-08-28 12:37:00 | Deep Dive |
| CVE-2025-49035 | WordPress Admin Menu Groups plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability | chaimchaikin | Admin Menu Groups | Medium | 5.9 | 2025-08-27 03:26:17 | Deep Dive |
| CVE-2025-57896 | WordPress Church Admin Plugin <= 5.0.26 - Broken Access Control Vulnerability | andy_moyle | Church Admin | Medium | 5.3 | 2025-08-22 12:00:04 | Deep Dive |
| CVE-2025-49267 | WordPress Frontend Admin by DynamiApps plugin <= 3.28.3 - SQL Injection vulnerability | Shabti Kaplan | Frontend Admin by DynamiApps | High | 8.5 | 2025-08-14 10:34:10 | Deep Dive |
| CVE-2025-49303 | WordPress Frontend Admin by DynamiApps plugin <= 3.28.7 - Arbitrary File Download Vulnerability | Shabti Kaplan | Frontend Admin by DynamiApps | Medium | 6.8 | 2025-07-04 11:18:00 | Deep Dive |
| CVE-2025-53317 | WordPress WPShapere Lite plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) Vulnerability | AcmeeDesign | WPShapere - WordPress admin theme | High | 7.1 | 2025-06-27 13:21:37 | Deep Dive |
| CVE-2025-53267 | WordPress Hide Admin Bar From Front End plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability | Aftab Husain | Hide Admin Bar From Front End | Medium | 4.3 | 2025-06-27 13:21:12 | Deep Dive |