| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-0953 | Tutor LMS Pro <= 3.9.5 - Authentication Bypass via Social Login | themeum | Tutor LMS Pro | Critical | 9.8 | 2026-03-10 05:26:29 | Deep Dive |
| CVE-2026-28080 | WordPress Rank Math SEO PRO plugin <= 3.0.96 - Broken Access Control vulnerability | Rank Math | Rank Math SEO PRO | Medium | 4.3 | 2026-03-06 12:04:08 | Deep Dive |
| CVE-2026-30790 | RustDesk Server Controls All Handshake Entropy (Salt/Challenge), Enabling Offline Brute-Force | rustdesk-server-pro | RustDesk Server Pro | 超危 | - | 2026-03-05 15:49:16 | Deep Dive |
| CVE-2026-30796 | RustDesk Server Pro API Requires Address Book Password in Plaintext for Sync Protocol | rustdesk-server-pro | RustDesk Server Pro | 高危 | - | 2026-03-05 15:30:40 | Deep Dive |
| CVE-2026-3598 | RustDesk Server Generates Config Strings Using Reversible Encoding (Base64 + Reverse) Instead of Encryption | rustdesk-server-pro | RustDesk Server Pro | 高危 | - | 2026-03-05 14:14:11 | Deep Dive |
| CVE-2026-28126 | WordPress RH Frontend Publishing Pro plugin < 4.3.4 - Cross Site Scripting (XSS) vulnerability | sizam | RH Frontend Publishing Pro | 中危 | - | 2026-03-05 05:54:30 | Deep Dive |
| CVE-2026-28113 | WordPress Ultimate Learning Pro plugin <= 3.9.1 - Reflected Cross Site Scripting (XSS) vulnerability | azzaroco | Ultimate Learning Pro | 中危 | - | 2026-03-05 05:54:28 | Deep Dive |
| CVE-2026-27983 | WordPress LMS Elementor Pro plugin <= 1.0.4 - Privilege Escalation vulnerability | designthemes | LMS Elementor Pro | 中危 | - | 2026-03-05 05:54:03 | Deep Dive |
| CVE-2026-27396 | WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability | e-plugins | Directory Pro | 中危 | - | 2026-03-05 05:54:00 | Deep Dive |
| CVE-2026-27361 | WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Broken Access Control vulnerability | WebCodingPlace | Responsive Posts Carousel Pro | 中危 | - | 2026-03-05 05:53:55 | Deep Dive |
| CVE-2026-2365 | Fluent Forms Pro <= 6.1.17 - Unauthenticated Stored Cross-Site Scripting via Draft Form Submission | techjewel | Fluent Forms Pro Add On Pack | High | 7.2 | 2026-03-05 03:23:41 | Deep Dive |
| CVE-2026-2899 | Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion | techjewel | Fluent Forms Pro Add On Pack | Medium | 6.5 | 2026-03-05 03:23:41 | Deep Dive |
| CVE-2026-1336 | AI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.5 - Missing Authorization to Unauthenticated API Key Modification | ays-pro | AI ChatBot with ChatGPT and Content Generator by AYS | Medium | 5.3 | 2026-03-02 23:22:55 | Deep Dive |
| CVE-2026-0995 | ARM C1-Pro 安全漏洞 | Arm | C1 Pro | - | - | 2026-03-02 14:52:56 | Deep Dive |
| CVE-2026-2428 | Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification | techjewel | Fluent Forms Pro Add On Pack | High | 7.5 | 2026-02-27 03:23:19 | Deep Dive |
| CVE-2026-3037 | Copeland XWEB and XWEB Pro OS Command Injection | Copeland | Copeland XWEB 300D PRO | High | 8.0 | 2026-02-27 01:06:42 | Deep Dive |
| CVE-2026-20797 | Copeland XWEB and XWEB Pro Stack-based Buffer Overflow | Copeland | Copeland XWEB 300D PRO | Medium | 4.3 | 2026-02-27 01:03:19 | Deep Dive |
| CVE-2026-22877 | Copeland XWEB and XWEB Pro Path Traversal | Copeland | Copeland XWEB 300D PRO | Low | 3.7 | 2026-02-27 01:01:26 | Deep Dive |
| CVE-2026-25037 | Copeland XWEB and XWEB Pro OS Command Injection | Copeland | Copeland XWEB 300D PRO | High | 8.0 | 2026-02-27 00:59:15 | Deep Dive |
| CVE-2026-25196 | Copeland XWEB and XWEB Pro OS Command Injection | Copeland | Copeland XWEB 300D PRO | High | 8.0 | 2026-02-27 00:58:09 | Deep Dive |