| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-10658 | SupportCandy – Helpdesk & Customer Support Ticket System <= 3.3.7 - Authentication Bypass to Support Session Takeover | psmplugins | SupportCandy – Helpdesk & Customer Support Ticket System | Medium | 6.5 | 2025-09-20 06:43:19 | Deep Dive |
| CVE-2025-8394 | Productive Style <= 1.1.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via display_productive_breadcrumb Shortcode | productiveminds | Productive Style – Optimisations & Content Publishing Support | Medium | 6.4 | 2025-09-17 01:49:15 | Deep Dive |
| CVE-2025-53340 | WordPress Awesome Support plugin <= 6.3.6 - Sensitive Data Exposure vulnerability | awesomesupport | Awesome Support | Medium | 5.3 | 2025-09-09 16:25:34 | Deep Dive |
| CVE-2025-49860 | WordPress Majestic Support plugin <= 1.1.0 - Broken Access Control vulnerability | Majestic Support | Majestic Support | Medium | 5.3 | 2025-09-09 16:25:24 | Deep Dive |
| CVE-2025-9566 | Podman: podman kube play command may overwrite host files | - | - | High | 8.1 | 2025-09-05 19:54:31 | Deep Dive |
| CVE-2025-58635 | WordPress Support Genix Plugin <= 1.4.23 - Broken Access Control Vulnerability | DevItems | Support Genix | Medium | 5.3 | 2025-09-03 14:36:56 | Deep Dive |
| CVE-2025-8067 | Udisks: out-of-bounds read in udisks daemon | storaged-project | udisks | High | 8.5 | 2025-08-28 14:47:09 | Deep Dive |
| CVE-2025-53584 | WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability | emarket-design | WP Ticket Customer Service Software & Support Ticket System | High | 8.1 | 2025-08-28 12:37:33 | Deep Dive |
| CVE-2025-57885 | WordPress Fluent Support Plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) Vulnerability | Shahjahan Jewel | Fluent Support | Medium | 4.3 | 2025-08-22 11:59:53 | Deep Dive |
| CVE-2025-49422 | WordPress Support Ticket Plugin <= 1.9 - Privilege Escalation Vulnerability | themepassion | Support Ticket | Critical | 9.8 | 2025-08-20 08:03:43 | Deep Dive |
| CVE-2025-49424 | WordPress Support Ticket Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability | themepassion | Support Ticket | High | 7.1 | 2025-08-20 08:03:42 | Deep Dive |
| CVE-2025-48163 | WordPress SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support <= 3.5.4 - Cross Site Scripting (XSS) Vulnerability | LambertGroup | SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support | High | 7.1 | 2025-08-20 08:03:29 | Deep Dive |
| CVE-2025-54027 | WordPress Support Board <= 3.8.0 - Cross Site Scripting (XSS) Vulnerability | Schiocco | Support Board | High | 7.1 | 2025-08-20 08:03:01 | Deep Dive |
| CVE-2025-54031 | WordPress Support Board <= 3.8.0 - Local File Inclusion Vulnerability | Schiocco | Support Board | High | 8.1 | 2025-08-20 08:03:00 | Deep Dive |
| CVE-2025-7499 | BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 5.3 | 2025-08-16 07:25:29 | Deep Dive |
| CVE-2025-43490 | HP Hotkey Support – Escalation of Privilege | HP, Inc. | HP Hotkey Support Software | - | - | 2025-08-15 18:40:52 | Deep Dive |
| CVE-2025-8941 | Linux-pam: incomplete fix for cve-2025-6020 | - | - | High | 7.8 | 2025-08-13 14:42:38 | Deep Dive |
| CVE-2025-21093 | Intel Driver & Support Assistant Tool 代码问题漏洞 | - | Intel(R) Driver & Support Assistant Tool software | Medium | 6.7 | 2025-08-12 16:58:28 | Deep Dive |
| CVE-2025-30033 | Siemens多款产品 代码问题漏洞 | Siemens | Automation License Manager V6.0 | High | 7.8 | 2025-08-12 11:16:57 | Deep Dive |
| CVE-2025-6395 | Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() | - | - | Medium | 6.5 | 2025-07-10 15:20:46 | Deep Dive |