| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-31553 | WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.1 - SQL Injection vulnerability | WPFactory | Advanced WooCommerce Product Sales Reporting | Critical | 9.3 | 2025-04-01 20:58:13 | Deep Dive |
| CVE-2025-27406 | Icinga Reporting Stored XSS leads to SSRF | Icinga | icingaweb2-module-reporting | High | 7.6 | 2025-03-26 15:49:45 | Deep Dive |
| CVE-2025-22493 | Improper cookie attributes in Foreseer Reporting Software (FRS) | Eaton | Foreseer Reporting Software (FRS) | Medium | 5.6 | 2025-03-05 08:53:59 | Deep Dive |
| CVE-2025-22492 | Insecure storage of connection strings in FRS | Eaton | Foreseer Reporting Software (FRS) | Medium | 6.3 | 2025-02-28 08:29:33 | Deep Dive |
| CVE-2025-22491 | Improper Input Validation in Foreseer Reporting Software (FRS) | Eaton | Foreseer Reporting Software (FRS) | Medium | 6.7 | 2025-02-28 08:24:21 | Deep Dive |
| CVE-2024-6097 | Absolute Path Traversal Vulnerability | Progress Software Corporation | Progress® Telerik® Reporting | Medium | 5.3 | 2025-02-12 17:37:11 | Deep Dive |
| CVE-2024-8401 | Schneider Electric EcoStruxure Power Monitoring Expert Cross-Site Scripting Vulnerability | Schneider Electric | EcoStruxure Power Monitoring Expert (PME) 2021 | Medium | 5.4 | 2025-01-28 16:35:56 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8015 | Telerik Report Server Insecure Type Resolution | Progress Software | Telerik Reporting | Critical | 9.1 | 2024-10-09 14:49:20 | Deep Dive |
| CVE-2024-7840 | Improper neutralization special element in hyperlinks | Progress Software | Telerik Reporting | High | 7.8 | 2024-10-09 14:41:40 | Deep Dive |
| CVE-2024-8048 | Telerik Reporting Insecure Expression Evaluation | Progress Software | Telerik Reporting | High | 7.8 | 2024-10-09 14:18:57 | Deep Dive |
| CVE-2024-8014 | Telerik Reporting EntityDataSource Insecure Type Resolution | Progress Software | Telerik Reporting | High | 8.8 | 2024-10-09 14:16:34 | Deep Dive |
| CVE-2024-39656 | WordPress Tin Canny Reporting for LearnDash plugin <= 4.3.0.7 - Reflected Cross Site Scripting (XSS) vulnerability | Uncanny Owl | Tin Canny Reporting for LearnDash | High | 7.1 | 2024-08-01 21:47:16 | Deep Dive |
| CVE-2024-6096 | Unsafe Deserialization Vulnerability | Progress Software Corporation | Telerik Reporting | High | 8.8 | 2024-07-24 14:00:19 | Deep Dive |
| CVE-2024-39900 | OpenSearch Dashboards Reports does not properly restrict access to private tenant resources | opensearch-project | reporting | Medium | 5.4 | 2024-07-09 21:17:22 | Deep Dive |
| CVE-2024-25052 | IBM Jazz Reporting Service information disclosure | IBM | Jazz Reporting Service | Medium | 4.4 | 2024-06-13 13:45:32 | Deep Dive |
| CVE-2024-4200 | Progress Telerik Reporting Local Deserialization Vulnerability | Progress Software Corporation | Telerik Reporting | High | 7.7 | 2024-05-15 16:56:25 | Deep Dive |
| CVE-2024-4202 | Progress Telerik Reporting Local Instantiation Vulnerability | Progress Software Corporation | Telerik Reporting | High | 7.7 | 2024-05-15 16:53:30 | Deep Dive |
| CVE-2024-28167 | Missing Authorization check in SAP Group Reporting Data Collection (Enter Package Data) | SAP_SE | SAP Group Reporting Data Collection (Enter Package Data) | Medium | 6.5 | 2024-04-09 00:55:46 | Deep Dive |
| CVE-2024-1856 | Progress Telerik Reporting Remote Deserialization Vulnerability | Progress Software Corporation | Telerik Reporting | High | 8.5 | 2024-03-20 13:13:51 | Deep Dive |