| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2020-36925 | Arteco Web Client DVR/NVR Session ID Brute Force Authentication Bypass | Arteco-Global | Arteco Web Client DVR/NVR | Critical | 9.8 | 2026-01-06 15:52:29 | Deep Dive |
| CVE-2025-62087 | WordPress Sticky Notes for WP Dashboard plugin <= 1.2.4 - Broken Access Control vulnerability | Web Builder 143 | Sticky Notes for WP Dashboard | Medium | 4.3 | 2025-12-31 16:08:59 | Deep Dive |
| CVE-2025-62084 | WordPress iNext Woo Pincode Checker plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerability | Imdad Next Web | iNext Woo Pincode Checker | Medium | 4.3 | 2025-12-31 15:50:01 | Deep Dive |
| CVE-2025-62144 | WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability | Mohammed Kaludi | Core Web Vitals & PageSpeed Booster | Medium | 5.4 | 2025-12-31 13:48:58 | Deep Dive |
| CVE-2025-62748 | WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability | Genetech Products | Web and WooCommerce Addons for WPBakery Builder | Medium | 6.5 | 2025-12-31 12:02:49 | Deep Dive |
| CVE-2025-69018 | WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability | Shamalli | Web Directory Free | 中危 | - | 2025-12-30 10:47:54 | Deep Dive |
| CVE-2025-55064 | Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') | Priority | Web | Medium | 4.8 | 2025-12-29 17:23:31 | Deep Dive |
| CVE-2025-55063 | Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') | Priority | Web | Medium | 4.8 | 2025-12-29 17:19:53 | Deep Dive |
| CVE-2025-55062 | Priority - CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') | Priority | Web | Medium | 4.8 | 2025-12-29 17:18:01 | Deep Dive |
| CVE-2025-55061 | Priority - CWE-434 Unrestricted Upload of File with Dangerous Type | Priority | Web | High | 8.8 | 2025-12-29 17:14:36 | Deep Dive |
| CVE-2025-55060 | Priority - CWE-601: URL Redirection to Untrusted Site ('Open Redirect') | Priority | Web | Medium | 6.1 | 2025-12-29 17:11:11 | Deep Dive |
| CVE-2025-15070 | Data Exposure in Gmission Web FAX | Gmission | Web Fax | Medium | 5.5 | 2025-12-29 05:06:22 | Deep Dive |
| CVE-2025-15069 | Privilege Escalation in Gmission Web FAX | Gmission | Web Fax | High | 7.1 | 2025-12-29 05:05:58 | Deep Dive |
| CVE-2025-15068 | Account Takeover in Gmission Web FAX | Gmission | Web Fax | High | 7.7 | 2025-12-29 05:05:43 | Deep Dive |
| CVE-2025-8769 | MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation | MegaSys Computer Technologies | Telenium Online Web Application | Critical | 9.8 | 2025-12-24 20:14:20 | Deep Dive |
| CVE-2025-13361 | Web to SugarCRM Lead <= 1.0.0 - Cross-Site Request Forgery to Custom Field Deletion | dipesh_patel | Web to SugarCRM Lead | Medium | 4.3 | 2025-12-21 03:20:07 | Deep Dive |
| CVE-2025-67712 | HTML injection issue in ArcGIS Web App Builder | Esri | ArcGIS Web AppBuilder {Developer Edition) | Medium | 4.7 | 2025-12-19 20:05:42 | Deep Dive |
| CVE-2025-14437 | Hummingbird <= 3.18.0 - Unauthenticated Sensitive Information Exposure via Log File | wpmudev | Hummingbird Performance – Cache & Page Speed Optimization for Core Web Vitals | Critical CSS | Minify CSS | Defer CSS Javascript | CDN | High | 7.5 | 2025-12-18 12:22:27 | Deep Dive |
| CVE-2025-60078 | WordPress Task Manager plugin <= 3.0.2 - Local File Inclusion vulnerability | Agence web Eoxia – Montpellier | Task Manager | High | 7.5 | 2025-12-18 07:22:07 | Deep Dive |
| CVE-2025-20393 | Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability | Cisco | Cisco Secure Email | Critical | 10.0 | 2025-12-17 16:47:13 | Deep Dive |