| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-47536 | WordPress Content Egg plugin <= 7.0.0 - PHP Object Injection Vulnerability | keywordrush | Content Egg | High | 7.2 | 2025-08-14 10:34:26 | Deep Dive |
| CVE-2025-3414 | Structured Content < 1.7.0 - Contributor Stored XSS | Unknown | Structured Content (JSON-LD) #wpsc | - | - | 2025-08-14 06:00:02 | Deep Dive |
| CVE-2025-55164 | content-security-policy-parser Prototype Pollution Vulnerability May Lead to RCE | helmetjs | content-security-policy-parser | - | - | 2025-08-12 16:02:45 | Deep Dive |
| CVE-2025-4390 | WP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information Exposure | nimeshrmr | WP Private Content Plus | Medium | 5.3 | 2025-08-12 02:24:47 | Deep Dive |
| CVE-2025-27802 | Stored Cross-Site Scripting in Episerver Content Management System (CMS) Edit Preview | Optimizely | Episerver Content Management System (CMS) | Medium | 4.8 | 2025-07-28 08:47:43 | Deep Dive |
| CVE-2025-27801 | Stored Cross-Site Scripting in Episerver Content Management System (CMS) Media Selection Preview | Optimizely | Episerver Content Management System (CMS) | Medium | 4.8 | 2025-07-28 08:40:16 | Deep Dive |
| CVE-2025-27800 | Stored Cross-Site Scripting in Episerver Content Management System (CMS) Admin Dashboard | Optimizely | Episerver Content Management System (CMS) | Medium | 4.8 | 2025-07-28 08:33:24 | Deep Dive |
| CVE-2022-4979 | Sitecore XP 7.5 - 10.2, CMS 7.2, and Managed Cloud XSS | Sitecore | Experience Platform | 中危 | - | 2025-07-25 15:55:36 | Deep Dive |
| CVE-2015-10142 | Sitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known Path | Sitecore | Experience Platform (XP) | 中危 | - | 2025-07-25 15:55:07 | Deep Dive |
| CVE-2025-4608 | Structured Content <= 1.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_fs_local_business Shortcode | gorbo | Structured Content (JSON-LD) #wpsc | Medium | 6.4 | 2025-07-24 09:22:21 | Deep Dive |
| CVE-2025-6831 | User Registration <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode | wpeverest | User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | Medium | 6.4 | 2025-07-22 01:44:28 | Deep Dive |
| CVE-2025-7658 | Temporarily Hidden Content <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | codents | Temporarily Hidden Content | Medium | 6.4 | 2025-07-19 02:22:58 | Deep Dive |
| CVE-2025-6781 | Copymatic – AI Content Writer & Generator <= 2.1 - Cross-Site Request Forgery to Settings Update | ryanfaber | Copymatic – AI Content Writer & Generator | Medium | 4.3 | 2025-07-18 04:23:03 | Deep Dive |
| CVE-2024-39752 | IBM Analytics Content Hub file upload | IBM | Analytics Content Hub | Medium | 6.8 | 2025-07-10 14:15:19 | Deep Dive |
| CVE-2024-38327 | IBM Analytics Content Hub information disclosure | IBM | Analytics Content Hub | Medium | 6.8 | 2025-07-10 14:14:41 | Deep Dive |
| CVE-2025-36090 | IBM Analytics Content Hub information disclosure | IBM | Analytics Content Hub | Medium | 4.3 | 2025-07-10 14:12:56 | Deep Dive |
| CVE-2024-37524 | IBM Analytics Content Hub information disclosure | IBM | Analytics Content Hub | Medium | 5.3 | 2025-07-10 14:12:18 | Deep Dive |
| CVE-2025-53624 | docusaurus-plugin-content-gists Exposes GitHub Personal Access Token | webbertakken | docusaurus-plugin-content-gists | Critical | 10.0 | 2025-07-09 21:08:15 | Deep Dive |
| CVE-2025-42985 | Open Redirect vulnerability in SAP BusinessObjects Content Administrator workbench | SAP_SE | SAP BusinessObjects Content Administrator workbench | Medium | 6.1 | 2025-07-08 00:38:25 | Deep Dive |
| CVE-2025-24771 | WordPress Content Manager Light plugin <= 3.2 - Reflected Cross Site Scripting (XSS) vulnerability | OTWthemes | Content Manager Light | High | 7.1 | 2025-07-04 11:18:11 | Deep Dive |