| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24559 | WordPress Integration for Contact Form 7 HubSpot plugin <= 1.4.3 - Sensitive Data Exposure vulnerability | CRM Perks | Integration for Contact Form 7 HubSpot | Medium | 5.3 | 2026-01-23 14:28:55 | Deep Dive |
| CVE-2025-67968 | WordPress Real Homes CRM plugin <= 1.0.0 - Arbitrary File Upload vulnerability | InspiryThemes | Real Homes CRM | - | - | 2026-01-22 16:51:59 | Deep Dive |
| CVE-2025-62106 | WordPress WP-CRM System plugin <= 3.4.5 - Broken Access Control vulnerability | Mario Peshev | WP-CRM System | Medium | 5.4 | 2026-01-22 16:51:47 | Deep Dive |
| CVE-2026-21926 | Oracle Siebel CRM 安全漏洞 | Oracle Corporation | Siebel CRM Deployment | High | 7.5 | 2026-01-20 21:56:21 | Deep Dive |
| CVE-2026-0725 | Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration | cyberlord92 | Integrate Dynamics 365 CRM | Medium | 4.4 | 2026-01-17 08:24:31 | Deep Dive |
| CVE-2026-0820 | RepairBuddy <= 4.1116 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Signature Upload to Orders | sweetdaisy86 | RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress | Medium | 4.3 | 2026-01-17 03:24:24 | Deep Dive |
| CVE-2021-47779 | Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege Escalation | Dolibarr | CRM | Medium | 5.4 | 2026-01-15 23:25:37 | Deep Dive |
| CVE-2025-14854 | WP-CRM System – Manage Clients and Projects <= 3.4.5 - Missing Authorization to Authenticated (Subscriber+) CRM Data Exposure and Task Modification | nofearinc | WP-CRM System – Manage Clients and Projects | Medium | 5.4 | 2026-01-14 05:28:13 | Deep Dive |
| CVE-2025-41006 | Multiple vulnerabilities in Imaster products Open configuration options | Imaster | MEMS Events CRM | - | - | 2026-01-12 14:39:12 | Deep Dive |
| CVE-2025-41005 | Multiple vulnerabilities in Imaster products Open configuration options | Imaster | MEMS Events CRM | - | - | 2026-01-12 14:35:20 | Deep Dive |
| CVE-2025-15390 | PHPGurukul Small CRM edit-user.php authorization | PHPGurukul | Small CRM | Medium | 6.3 | 2025-12-31 15:32:07 | Deep Dive |
| CVE-2025-68928 | Frappe CRM vulnerable to authenticated XSS via website field | frappe | crm | Medium | 5.4 | 2025-12-29 15:06:32 | Deep Dive |
| CVE-2025-68590 | WordPress Integration for Contact Form 7 HubSpot plugin <= 1.4.2 - SQL Injection vulnerability | CRM Perks | Integration for Contact Form 7 HubSpot | High | 7.6 | 2025-12-24 13:10:43 | Deep Dive |
| CVE-2025-60178 | WordPress WP Gravity Forms HubSpot plugin <= 1.2.6 - Deserialization of untrusted data vulnerability | CRM Perks | WP Gravity Forms HubSpot | - | - | 2025-12-18 07:22:09 | Deep Dive |
| CVE-2025-60180 | WordPress WP Gravity Forms Salesforce plugin <= 1.5.1 - PHP Object Injection vulnerability | CRM Perks | WP Gravity Forms Salesforce | - | - | 2025-12-18 07:22:09 | Deep Dive |
| CVE-2025-60174 | WordPress WP Gravity Forms Constant Contact plugin plugin <= 1.1.2 - Deserialization of untrusted data vulnerability | CRM Perks | WP Gravity Forms Constant Contact Plugin | - | - | 2025-12-18 07:22:09 | Deep Dive |
| CVE-2025-60091 | WordPress WP Gravity Forms Zoho CRM and Bigin plugin <= 1.2.9 - Deserialization of untrusted data vulnerability | CRM Perks | WP Gravity Forms Zoho CRM and Bigin | - | - | 2025-12-18 07:22:09 | Deep Dive |
| CVE-2025-60089 | WordPress WP Gravity Forms FreshDesk plugin plugin <= 1.3.5 - Deserialization of untrusted data vulnerability | CRM Perks | WP Gravity Forms FreshDesk Plugin | - | - | 2025-12-18 07:22:08 | Deep Dive |
| CVE-2025-60090 | WordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerability | CRM Perks | WP Gravity Forms Insightly | - | - | 2025-12-18 07:22:08 | Deep Dive |
| CVE-2025-68275 | ChurchCRM vulnerable to Stored XSS - Group name > Person Listing | ChurchCRM | CRM | - | - | 2025-12-17 21:53:23 | Deep Dive |