| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58681 | WordPress Easy Quotes Plugin <= 1.2.4 - Broken Access Control Vulnerability | Jürgen Müller | Easy Quotes | Medium | 5.3 | 2025-09-22 18:22:48 | Deep Dive |
| CVE-2025-9128 | eID Easy <= 4.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | eideasy | eID Easy | Medium | 6.4 | 2025-09-11 07:25:01 | Deep Dive |
| CVE-2025-8686 | WP Easy FAQs <= 1.0.5 - Authenticated (Author+) Stored Cross-Site Scripting via WP_EASY_FAQ Shortcode | wen-solutions | WP Easy FAQs | Medium | 6.4 | 2025-09-11 07:24:51 | Deep Dive |
| CVE-2025-32688 | WordPress Target Video Easy Publish plugin <= 3.8.9 - Arbitrary Code Execution vulnerability | Nebojsa | Target Video Easy Publish | Medium | 5.4 | 2025-09-09 16:25:31 | Deep Dive |
| CVE-2025-6067 | Easy Social Feed – Social Photos Gallery – Post Feed – Like Box <= 6.6.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | sjaved | Easy Social Feed – Social Photos Gallery and Post Feed for WordPress | Medium | 6.4 | 2025-09-06 01:47:27 | Deep Dive |
| CVE-2025-48105 | WordPress Easy Flash Embed plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Vincent Boiardt | Easy Flash Embed | Medium | 6.5 | 2025-09-05 16:15:42 | Deep Dive |
| CVE-2025-58867 | WordPress Easy Download Media Counter Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability | Remi Corson | Easy Download Media Counter | Medium | 6.5 | 2025-09-05 13:45:44 | Deep Dive |
| CVE-2025-9519 | Easy Timer <= 4.2.1 - Authenticated (Editor+) Remote Code Execution via Shortcode | kleor | Easy Timer | High | 7.2 | 2025-09-04 04:23:49 | Deep Dive |
| CVE-2025-9500 | TablePress <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter | tobiasbg | TablePress – Tables in WordPress made easy | Medium | 6.4 | 2025-08-30 04:25:06 | Deep Dive |
| CVE-2025-53572 | WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability | emarket-design | WP Easy Contact | High | 8.1 | 2025-08-28 12:37:30 | Deep Dive |
| CVE-2025-8102 | Easy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install Functions | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 5.4 | 2025-08-20 11:26:10 | Deep Dive |
| CVE-2025-54712 | WordPress Easy Elementor Addons Plugin <= 2.2.7 - Broken Access Control Vulnerability | hashthemes | Easy Elementor Addons | Medium | 4.3 | 2025-08-14 18:21:47 | Deep Dive |
| CVE-2025-54704 | WordPress Easy Elementor Addons plugin <= 2.2.6 - Cross Site Scripting (XSS) Vulnerability | hashthemes | Easy Elementor Addons | Medium | 6.5 | 2025-08-14 10:34:58 | Deep Dive |
| CVE-2025-54678 | WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability | hassantafreshi | Easy Form Builder | Critical | 9.3 | 2025-08-14 10:34:43 | Deep Dive |
| CVE-2025-8491 | Easy restaurant menu manager <= 2.0.2 - Cross-Site Request Forgery to Menu Upload | nikelschubert | Easy restaurant menu manager | Medium | 4.3 | 2025-08-13 03:42:04 | Deep Dive |
| CVE-2025-8462 | RT Easy Builder <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | risetheme | RT Easy Builder – Advanced addons for Elementor | Medium | 6.4 | 2025-08-12 02:24:46 | Deep Dive |
| CVE-2025-8420 | Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution | emarket-design | Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | High | 8.1 | 2025-08-06 02:24:12 | Deep Dive |
| CVE-2025-8315 | WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter | emarket-design | Simple Contact Form Plugin for WordPress – WP Easy Contact | Medium | 6.4 | 2025-08-05 06:39:48 | Deep Dive |
| CVE-2025-7644 | Pixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Gallery <= 1.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Pixel Gallery Addons for Elementor – Easy Grid, Creative Gallery, Drag and Drop Grid, Custom Grid Layout, Portfolio Gallery | Medium | 6.4 | 2025-07-22 04:25:08 | Deep Dive |
| CVE-2025-28955 | WordPress Easy Video Player Wordpress & WooCommerce plugin <= 10.0 - Arbitrary File Download Vulnerability | FWDesign | Easy Video Player Wordpress & WooCommerce | High | 7.5 | 2025-07-16 11:28:13 | Deep Dive |