| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-67942 | WordPress Peach Payments Gateway plugin <= 3.3.6 - Broken Access Control vulnerability | peachpayments | Peach Payments Gateway | Medium | 6.5 | 2026-01-22 16:51:54 | Deep Dive |
| CVE-2025-62754 | WordPress Payment Gateway bKash for WC plugin <= 3.1.0 - Broken Access Control vulnerability | Kapil Paul | Payment Gateway bKash for WC | Medium | 5.3 | 2026-01-22 16:51:48 | Deep Dive |
| CVE-2025-36397 | Security vulnerabilities have been found in IBM Application Gateway | IBM | Application Gateway | Medium | 5.4 | 2026-01-20 15:23:31 | Deep Dive |
| CVE-2025-36396 | Security vulnerabilities have been found in IBM Application Gateway | IBM | Application Gateway | Medium | 5.4 | 2026-01-20 15:22:12 | Deep Dive |
| CVE-2025-15475 | PayHere Payment Gateway Plugin for WooCommerce <= 2.3.9 - Missing Authorization to Unauthenticated Order Status Modification | payhere | PayHere Payment Gateway | Medium | 5.3 | 2026-01-14 06:40:09 | Deep Dive |
| CVE-2025-15513 | Float Payment Gateway <= 1.1.9 - Improper Authorization to Unauthenticated Order Status Manipulation | floattechnologies | Float Payment Gateway | Medium | 5.3 | 2026-01-14 06:40:07 | Deep Dive |
| CVE-2025-15512 | Aplazo Payment Gateway <= 1.4.3 - Missing Authorization to Unauthenticated Order Status Manipulation | aplazopayment | Aplazo Payment Gateway | Medium | 5.3 | 2026-01-14 06:40:06 | Deep Dive |
| CVE-2025-14880 | Netcash WooCommerce Payment Gateway <= 4.1.3 - Missing Authorization to Unauthenticated Order Status Modification | netcashpaynow | Netcash WooCommerce Payment Gateway | Medium | 5.3 | 2026-01-14 05:28:10 | Deep Dive |
| CVE-2026-22771 | Envoy Extension Policy lua scripts injection causes arbitrary command execution | envoyproxy | gateway | High | 8.8 | 2026-01-12 18:08:23 | Deep Dive |
| CVE-2025-14943 | Blog2Social: Social Media Auto Post & Scheduler <= 8.7.2 - Incorrect Authorization to Authenticated (Subscriber+) Sensitive Information Exposure | pr-gateway | Blog2Social: Social Media Auto Post & Scheduler | Medium | 4.3 | 2026-01-10 06:32:34 | Deep Dive |
| CVE-2025-14460 | Piraeus Bank WooCommerce Payment Gateway <= 3.1.4 - Missing Authorization to Unauthenticated Arbitrary Order Status Change | enartia | Piraeus Bank WooCommerce Payment Gateway | Medium | 5.3 | 2026-01-07 09:21:05 | Deep Dive |
| CVE-2026-0656 | iPaymu Payment Gateway for WooCommerce <= 2.0.2 - Missing Authentication to Unauthenticated Payment Bypass and Order Information Disclosure | ipaymu | iPaymu Payment Gateway for WooCommerce | High | 8.2 | 2026-01-07 06:36:03 | Deep Dive |
| CVE-2025-14875 | HBLPAY Payment Gateway for WooCommerce <= 5.0.0 - Reflected Cross-Site Scripting via 'cusdata' Parameter | hblpay | HBLPAY Payment Gateway for WooCommerce | Medium | 6.1 | 2026-01-07 06:35:58 | Deep Dive |
| CVE-2025-46696 | Dell Secure Connect Gateway 安全漏洞 | Dell | Secure Connect Gateway (SCG) Appliance | Medium | 6.4 | 2026-01-06 15:01:17 | Deep Dive |
| CVE-2018-25148 | Microhard Systems IPn4G 1.1.0 Remote Code Execution via Admin Interface | Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit | High | 8.8 | 2025-12-24 19:27:51 | Deep Dive |
| CVE-2018-25149 | Microhard Systems IPn4G 1.1.0 Cross-Site Request Forgery via Web Interface | Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities | Medium | 6.5 | 2025-12-24 19:27:51 | Deep Dive |
| CVE-2018-25146 | Microhard Systems IPn4G 1.1.0 Service Control Denial of Service | Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS | High | 8.1 | 2025-12-24 19:27:50 | Deep Dive |
| CVE-2018-25147 | Microhard Systems IPn4G 1.1.0 Default Credentials Authentication Bypass | Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials | High | 7.5 | 2025-12-24 19:27:50 | Deep Dive |
| CVE-2018-25145 | Microhard Systems IPn4G 1.1.0 Configuration Disclosure via Authenticated Download | Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Configuration Download | Medium | 6.5 | 2025-12-24 19:27:50 | Deep Dive |
| CVE-2018-25143 | Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via Microhard Sh Service | Microhard Systems | Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak | High | 8.8 | 2025-12-24 19:27:49 | Deep Dive |