| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-54948 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | Critical | 9.4 | 2025-08-05 13:00:20 | Deep Dive |
| CVE-2025-6832 | All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier <= 2.0 - Reflected Cross-Site Scripting | codebangers | All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier | Medium | 6.1 | 2025-08-02 08:24:47 | Deep Dive |
| CVE-2025-7443 | BerqWP <= 2.2.42 - Unauthenticated Arbitrary File Upload | berqwp | BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript | High | 8.1 | 2025-08-01 04:24:29 | Deep Dive |
| CVE-2025-7689 | Hydra Booking 1.1.0 - 1.1.18 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via tfhb_reset_password_callback Function | themefic | Hydra Booking – All in One Appointment Booking System | Appointment Scheduling, Booking Calendar & WooCommerce Bookings | High | 8.8 | 2025-07-29 09:23:46 | Deep Dive |
| CVE-2025-52924 | One Identity OneLogin SQL注入漏洞 | One Identity | OneLogin | Medium | 4.0 | 2025-07-19 00:00:00 | Deep Dive |
| CVE-2025-27582 | One Identity Password Manager 安全漏洞 | One Identity | Password Manager | High | 7.6 | 2025-07-14 00:00:00 | Deep Dive |
| CVE-2025-53503 | Trend Micro Cleaner One Pro 安全漏洞 | Trend Micro, Inc. | Trend Micro Cleaner One Pro | High | 7.8 | 2025-07-10 18:59:17 | Deep Dive |
| CVE-2025-2330 | All-in-One Addons for Elementor – WidgetKit <= 2.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via button+modal Widget | shamsbd71 | All-in-One Addons for Elementor – WidgetKit | Medium | 6.4 | 2025-07-02 09:23:25 | Deep Dive |
| CVE-2025-34064 | OneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data Leakage | One Identity | OneLogin Active Directory Connector (ADC) | - | - | 2025-07-01 14:49:34 | Deep Dive |
| CVE-2025-34063 | OneLogin AD Connector JWT Authentication Bypass via Exposed Signing Key | One Identity | OneLogin Active Directory Connector (ADC) | - | - | 2025-07-01 14:49:26 | Deep Dive |
| CVE-2025-34062 | OneLogin AD Connector API Credential and Signing Key Exposure | One Identity | OneLogin Active Directory Connector (ADC) | - | - | 2025-07-01 14:49:20 | Deep Dive |
| CVE-2025-49158 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | Medium | 6.7 | 2025-06-17 18:42:57 | Deep Dive |
| CVE-2025-49157 | Trend Micro Apex One Damage Cleanup Engine 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2025-06-17 18:42:49 | Deep Dive |
| CVE-2025-49156 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.0 | 2025-06-17 18:42:40 | Deep Dive |
| CVE-2025-49155 | Trend Micro Apex One Data Loss Prevention 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 8.8 | 2025-06-17 18:42:32 | Deep Dive |
| CVE-2025-49154 | Trend Micro Apex One和Trend Micro Worry-Free Business Security Services 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 8.7 | 2025-06-17 18:42:10 | Deep Dive |
| CVE-2025-4315 | CubeWP – All-in-One Dynamic Content Framework <= 1.1.23 - Authenticated (Subscriber+) Privilege Escalation | cubewp1211 | CubeWP Framework | High | 8.8 | 2025-06-11 09:22:33 | Deep Dive |
| CVE-2025-42998 | Security misconfiguration vulnerability in SAP Business One Integration Framework | SAP_SE | SAP Business One Integration Framework | Medium | 5.3 | 2025-06-10 00:14:11 | Deep Dive |
| CVE-2025-23974 | WordPress One-Login plugin <= 1.4 - Privilege Escalation Vulnerability | ifkooo | One-Login | High | 8.1 | 2025-06-09 15:56:57 | Deep Dive |
| CVE-2025-31052 | WordPress The Fashion - Model Agency One Page Beauty Theme plugin <= 1.4.4 - Deserialization of untrusted data Vulnerability | themeton | The Fashion - Model Agency One Page Beauty Theme | Critical | 9.8 | 2025-06-09 15:56:46 | Deep Dive |