| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6868 | SourceCodester Simple Company Website manage.php sql injection | SourceCodester | Simple Company Website | Medium | 4.7 | 2025-06-29 19:02:06 | Deep Dive |
| CVE-2025-6867 | SourceCodester Simple Company Website manage.php sql injection | SourceCodester | Simple Company Website | Medium | 4.7 | 2025-06-29 18:32:06 | Deep Dive |
| CVE-2025-53285 | WordPress Add & Replace Affiliate Links for Amazon plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability | The Website Flip | Add & Replace Affiliate Links for Amazon | Medium | 5.9 | 2025-06-27 13:21:23 | Deep Dive |
| CVE-2025-3076 | Elementor Pro <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | https://elementor.com/ | Elementor Website Builder Pro | Medium | 6.4 | 2025-06-10 04:23:10 | Deep Dive |
| CVE-2025-5128 | ScriptAndTools Real-Estate-website-in-PHP Admin Login Panel admin sql injection | ScriptAndTools | Real-Estate-website-in-PHP | High | 7.3 | 2025-05-24 16:00:13 | Deep Dive |
| CVE-2025-4223 | Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.0 - Reflected Cross-Site Scripting via login_url Parameter | softaculous | Page Builder: Pagelayer – Drag and Drop website builder | Medium | 4.7 | 2025-05-24 04:25:19 | Deep Dive |
| CVE-2024-13427 | Page Builder: Pagelayer – Drag and Drop website builder <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Link | softaculous | Page Builder: Pagelayer – Drag and Drop website builder | Medium | 6.4 | 2025-05-24 01:41:10 | Deep Dive |
| CVE-2025-48276 | WordPress Visual Composer Website Builder plugin <= 45.11.0 - Cross Site Scripting (XSS) Vulnerability | Visual Composer | Visual Composer Website Builder | Medium | 6.5 | 2025-05-19 14:45:26 | Deep Dive |
| CVE-2025-2158 | WordPress Review Plugin: The Ultimate Solution for Building a Review Website <= 5.3.5 - Authenticated (Contributor+) Local File Inclusion via Post Custom Fields | mythemeshop | WordPress Review Plugin: The Ultimate Solution for Building a Review Website | High | 8.8 | 2025-05-10 09:23:01 | Deep Dive |
| CVE-2025-3949 | Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode <= 6.18.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure | seedprod | Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode | Medium | 4.3 | 2025-05-09 08:24:05 | Deep Dive |
| CVE-2025-3779 | Personizely <= 0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via widgetId Parameter | personizely | Personizely — A/B Testing, Personalization, Popups & CRO | Medium | 6.4 | 2025-05-03 01:43:08 | Deep Dive |
| CVE-2025-3975 | ScriptAndTools eCommerce-website-in-PHP subscriber-csv.php information disclosure | ScriptAndTools | eCommerce-website-in-PHP | Medium | 5.3 | 2025-04-27 15:31:05 | Deep Dive |
| CVE-2025-46254 | WordPress Visual Composer Website Builder plugin <= 45.10.0 - Cross Site Scripting (XSS) vulnerability | Visual Composer | Visual Composer Website Builder | Medium | 6.5 | 2025-04-22 09:53:36 | Deep Dive |
| CVE-2025-3557 | ScriptAndTools eCommerce-website-in-PHP cross-site request forgery | ScriptAndTools | eCommerce-website-in-PHP | Medium | 4.3 | 2025-04-14 08:00:12 | Deep Dive |
| CVE-2025-3556 | ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication | ScriptAndTools | eCommerce-website-in-PHP | Low | 3.7 | 2025-04-14 07:31:05 | Deep Dive |
| CVE-2025-3555 | ScriptAndTools eCommerce-website-in-PHP login.php excessive authentication | ScriptAndTools | eCommerce-website-in-PHP | Low | 3.7 | 2025-04-14 07:00:11 | Deep Dive |
| CVE-2025-3537 | Tutorials-Website Employee Management System update-user.php improper authorization | Tutorials-Website | Employee Management System | Medium | 5.3 | 2025-04-13 12:00:14 | Deep Dive |
| CVE-2025-3536 | Tutorials-Website Employee Management System delete-user.php improper authorization | Tutorials-Website | Employee Management System | Medium | 6.5 | 2025-04-13 11:31:06 | Deep Dive |
| CVE-2025-32258 | WordPress Simple Website Logo plugin <= 1.1 - Broken Access Control vulnerability | InfoGiants | Simple Website Logo | Medium | 5.3 | 2025-04-04 15:59:31 | Deep Dive |
| CVE-2025-32252 | WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability | Black and White | WP Genealogy – Your Family History Website | Medium | 5.3 | 2025-04-04 15:59:27 | Deep Dive |