| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-27189 | Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) | Adobe | Adobe Commerce | Medium | 4.3 | 2025-04-08 20:17:09 | Deep Dive |
| CVE-2025-27435 | Information Disclosure Vulnerability in SAP Commerce Cloud | SAP_SE | SAP Commerce Cloud | Medium | 4.2 | 2025-04-08 07:13:49 | Deep Dive |
| CVE-2025-26654 | Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud) | SAP_SE | SAP Commerce Cloud (Public Cloud) | Medium | 6.8 | 2025-04-08 07:13:04 | Deep Dive |
| CVE-2025-27130 | Welcart e-Commerce 代码问题漏洞 | Welcart Inc. | Welcart e-Commerce | 中危 | - | 2025-04-01 08:57:26 | Deep Dive |
| CVE-2025-31543 | WordPress Twice Commerce plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability | Twice Commerce | Twice Commerce | Medium | 6.5 | 2025-03-31 12:55:13 | Deep Dive |
| CVE-2025-30615 | WordPress WP e-Commerce Style Email plugin <= 0.6.2 - CSRF to Remote Code Execution vulnerability | Jacob Schwartz | WP e-Commerce Style Email | Critical | 9.6 | 2025-03-24 13:47:30 | Deep Dive |
| CVE-2025-27434 | Cross-Site Scripting (XSS) vulnerability in SAP Commerce (Swagger UI) | SAP_SE | SAP Commerce (Swagger UI) | High | 8.8 | 2025-03-11 00:39:02 | Deep Dive |
| CVE-2025-1322 | WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Authenticated (Contributor+) Protected Post Disclosure | wppost | WP-Recall – Registration, Profile, Commerce & More | Medium | 4.3 | 2025-03-08 09:22:55 | Deep Dive |
| CVE-2025-1323 | WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Unauthenticated SQL Injection | wppost | WP-Recall – Registration, Profile, Commerce & More | High | 7.5 | 2025-03-08 09:22:55 | Deep Dive |
| CVE-2025-1325 | WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Exeuction | wppost | WP-Recall – Registration, Profile, Commerce & More | Medium | 6.3 | 2025-03-08 09:22:54 | Deep Dive |
| CVE-2025-1324 | WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wppost | WP-Recall – Registration, Profile, Commerce & More | Medium | 6.4 | 2025-03-08 09:22:53 | Deep Dive |
| CVE-2024-9149 | SQLi in Wind Media's E-Commerce Website Template | Wind Media | E-Commerce Website Template | High | 8.6 | 2025-03-04 14:16:28 | Deep Dive |
| CVE-2025-0545 | XSS in Tekrom Technology's T-Soft E-Commerce | Tekrom Technology | T-Soft E-Commerce | Medium | 4.7 | 2025-02-24 13:43:48 | Deep Dive |
| CVE-2025-0511 | Welcart e-Commerce <= 2.11.9 - Unauthenticated Stored Cross-Site Scripting via name Parameter | uscnanbu | Welcart e-Commerce | High | 7.2 | 2025-02-12 11:11:16 | Deep Dive |
| CVE-2025-24422 | Adobe Commerce | Improper Access Control (CWE-284) | Adobe | Adobe Commerce | Medium | 6.5 | 2025-02-11 17:37:56 | Deep Dive |
| CVE-2025-24414 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | High | 8.7 | 2025-02-11 17:37:55 | Deep Dive |
| CVE-2025-24437 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Medium | 5.4 | 2025-02-11 17:37:54 | Deep Dive |
| CVE-2025-24434 | Adobe Commerce | Incorrect Authorization (CWE-863) | Adobe | Adobe Commerce | Critical | 9.1 | 2025-02-11 17:37:54 | Deep Dive |
| CVE-2025-24415 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) | Adobe | Adobe Commerce | High | 8.7 | 2025-02-11 17:37:53 | Deep Dive |
| CVE-2025-24411 | Adobe Commerce | Improper Access Control (CWE-284) | Adobe | Adobe Commerce | High | 8.1 | 2025-02-11 17:37:52 | Deep Dive |