| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-10636 | NS Maintenance Mode for WP <= 1.3.1 - Admin+ Stored XSS | Unknown | NS Maintenance Mode for WP | - | - | 2025-10-30 06:00:08 | Deep Dive |
| CVE-2025-9544 | Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin Installation | Unknown | Doppler Forms | - | - | 2025-10-29 06:00:07 | Deep Dive |
| CVE-2025-11154 | IDonate < 2.1.13 - Unauthenticated User Deletion | Unknown | IDonate | - | - | 2025-10-27 06:00:02 | Deep Dive |
| CVE-2025-9978 | Jeg Elementor Kit < 2.7.0 - Author+ Stored XSS | Unknown | Jeg Kit for Elementor | 中危 | - | 2025-10-24 06:00:10 | Deep Dive |
| CVE-2025-10874 | Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery | Unknown | Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More | 中危 | - | 2025-10-24 06:00:09 | Deep Dive |
| CVE-2025-10723 | PixelYourSite < 11.1.2 - Admin+ LFI | Unknown | PixelYourSite | 中危 | - | 2025-10-24 06:00:07 | Deep Dive |
| CVE-2025-5983 | Meta Tag Manager < 3.3 - Contributor+ Open Redirect | Unknown | Meta Tag Manager | - | - | 2025-10-22 06:00:06 | Deep Dive |
| CVE-2025-10638 | NS Maintenance Mode for WP <= 1.3.1 - Unauthenticated Subscribers Export | Unknown | NS Maintenance Mode for WP | - | - | 2025-10-22 06:00:02 | Deep Dive |
| CVE-2025-10916 | FormGent < 1.0.4 - Unauthenticated Arbitrary File Deletion | Unknown | FormGent | - | - | 2025-10-21 06:00:07 | Deep Dive |
| CVE-2025-10406 | BlindMatrix e-Commerce < 3.1 - Contributor+ LFI | Unknown | BlindMatrix e-Commerce | - | - | 2025-10-15 06:00:02 | Deep Dive |
| CVE-2025-8594 | Pz-LinkCard < 2.5.7 - Contributor+ SSRF | Unknown | Pz-LinkCard | - | - | 2025-10-14 06:00:07 | Deep Dive |
| CVE-2025-10357 | Simple SEO < 2.0.32 - Contributor+ Stored XSS | Unknown | Simple SEO | - | - | 2025-10-14 06:00:05 | Deep Dive |
| CVE-2025-10720 | WP Private Content Plus <= 3.6.2 - Password Protection Bypass | Unknown | WP Private Content Plus | - | - | 2025-10-13 09:37:14 | Deep Dive |
| CVE-2025-9698 | The Plus Addons for Elementor < 6.3.16 - Author+ Stored XSS | Unknown | The Plus Addons for Elementor | - | - | 2025-10-13 06:00:07 | Deep Dive |
| CVE-2025-10124 | Booking Manager < 2.1.15 - Contributor+ Booking Deletion | Unknown | Booking Manager | - | - | 2025-10-10 06:00:07 | Deep Dive |
| CVE-2025-10635 | Find Me On <= 2.0.9.1 - Subscriber+ SQL Injection | Unknown | Find Me On | - | - | 2025-10-08 06:00:04 | Deep Dive |
| CVE-2025-10162 | OrderConvo < 14 - Unauthenticated Arbitrary File Read | Unknown | Admin and Customer Messages After Order for WooCommerce: OrderConvo | - | - | 2025-10-07 06:00:05 | Deep Dive |
| CVE-2025-9710 | Responsive Lightbox & Gallery < 2.5.3 - Unauthenticated Stored-XSS via Comments | Unknown | Responsive Lightbox & Gallery | - | - | 2025-10-06 06:00:07 | Deep Dive |
| CVE-2025-9703 | Ultimate Addons for Elementor Lite < 2.5.0 - Author+ Stored XSS | Unknown | Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) | - | - | 2025-10-06 06:00:05 | Deep Dive |
| CVE-2025-9697 | Ajax WooSearch <= 1.0.0 - Unauthenticated SQL Injection | Unknown | Ajax WooSearch | - | - | 2025-10-02 06:00:06 | Deep Dive |