| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-31783 | WordPress Leartes TRY Exchange Rates Plugin <= 2.1 - Stored Cross Site Scripting (XSS) vulnerability | Leartes.NET | Leartes TRY Exchange Rates | Medium | 6.5 | 2025-04-01 14:51:26 | Deep Dive |
| CVE-2025-29980 | Blind SQL Injection vulnerability in eTRAKiT.Net | CentralSquare | eTRAKiT.Net | Critical | 9.8 | 2025-03-20 19:03:06 | Deep Dive |
| CVE-2025-22870 | HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net | Go standard library | net/http | 中危 | - | 2025-03-12 18:27:59 | Deep Dive |
| CVE-2025-24070 | ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability | Microsoft | ASP.NET Core 8.0 | High | 7.0 | 2025-03-11 16:58:54 | Deep Dive |
| CVE-2024-8682 | JNews - WordPress Newspaper Magazine Blog AMP Theme <= 11.6.6 - Unauthorized User Registration | https://themeforest.net/item/jnews-one-stop-solution-for-web-publishing/20566392 | JNews - WordPress Newspaper Magazine Blog AMP Theme | Medium | 5.3 | 2025-03-05 08:21:55 | Deep Dive |
| CVE-2025-1804 | Blizzard Battle.Net profapi.dll uncontrolled search path | Blizzard | Battle.Net | High | 7.0 | 2025-03-01 18:31:04 | Deep Dive |
| CVE-2024-23814 | Siemens SCALANCE Series 资源管理错误漏洞 | Siemens | SIDOOR ATD430W | Medium | 5.3 | 2025-02-11 10:28:33 | Deep Dive |
| CVE-2025-25186 | Net::IMAP vulnerable to possible DoS by memory exhaustion | ruby | net-imap | Medium | 6.5 | 2025-02-10 15:55:57 | Deep Dive |
| CVE-2024-11831 | Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript | - | - | Medium | 5.4 | 2025-02-10 15:27:47 | Deep Dive |
| CVE-2025-24544 | WordPress Bitcoin and Altcoin Wallets plugin <= 6.3.1 - Reflected Cross Site Scripting (XSS) vulnerability | dashed-slug.net | Bitcoin and Altcoin Wallets | High | 7.1 | 2025-02-03 14:22:46 | Deep Dive |
| CVE-2025-24788 | Snowflake Connector for .NET has weak temporary files permissions | snowflakedb | snowflake-connector-net | Medium | 5.0 | 2025-01-29 20:19:16 | Deep Dive |
| CVE-2024-45336 | Sensitive headers incorrectly sent after cross-domain redirect in net/http | Go standard library | net/http | 高危 | - | 2025-01-28 01:03:25 | Deep Dive |
| CVE-2024-12529 | brodos.net Onlineshop Plugin <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting | brodosnet | brodos.net Onlineshop Plugin | Medium | 6.4 | 2025-01-25 07:24:14 | Deep Dive |
| CVE-2025-24669 | WordPress SERPed.net Plugin <= 4.4 - SQL Injection vulnerability | serpednet | SERPed.net | High | 8.5 | 2025-01-24 17:24:48 | Deep Dive |
| CVE-2025-23804 | WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability | Shiv Prakash Tiwari | WP Service Payment Form With Authorize.net | High | 7.1 | 2025-01-16 20:07:06 | Deep Dive |
| CVE-2025-23783 | WordPress Greek Namedays Widget Plugin <= 20191113 - Cross Site Scripting (XSS) vulnerability | carrotbits | Greek Namedays Widget From Eortologio.Net | Medium | 6.5 | 2025-01-16 20:06:54 | Deep Dive |
| CVE-2025-23749 | WordPress mybb Last Topics plugin <= 1.0 - CSRF to Stored XSS vulnerability | progpars.net | mybb Last Topics | High | 7.1 | 2025-01-16 20:06:52 | Deep Dive |
| CVE-2025-23677 | WordPress HTTP to HTTPS link changer by Eyga.net plugin <= 0.2.4 - CSRF to Stored XSS vulnerability | DSmidge | HTTP to HTTPS link changer by Eyga.net | High | 7.1 | 2025-01-16 20:06:39 | Deep Dive |
| CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability | Microsoft | .NET 8.0 | High | 7.5 | 2025-01-14 18:04:38 | Deep Dive |
| CVE-2025-21173 | .NET Elevation of Privilege Vulnerability | Microsoft | .NET 8.0 | High | 7.3 | 2025-01-14 18:04:02 | Deep Dive |