| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-31282 | Trend Vision One 安全漏洞 | Trend Micro, Inc. | Trend Vision One | Medium | 4.6 | 2025-04-02 16:38:38 | Deep Dive |
| CVE-2025-31564 | WordPress Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin <= 2.2.6 - SQL Injection vulnerability | aitool | Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One | High | 8.5 | 2025-04-01 20:58:13 | Deep Dive |
| CVE-2025-31849 | WordPress Nemesis All-in-One plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability | fbtemplates | Nemesis All-in-One | Medium | 6.5 | 2025-04-01 14:51:59 | Deep Dive |
| CVE-2025-31572 | WordPress Multi Days Events and Multi Events in One Day Calendar plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability | v20202020 | Multi Days Events and Multi Events in One Day Calendar | Medium | 4.3 | 2025-03-31 12:55:21 | Deep Dive |
| CVE-2025-31447 | WordPress NertWorks All in One Social Share Tools plugin <=1.26 - Cross Site Request Forgery (CSRF) Vulnerability | nertworks | NertWorks All in One Social Share Tools | Medium | 5.4 | 2025-03-28 11:54:16 | Deep Dive |
| CVE-2025-31092 | WordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability | Ninja Team | Click to Chat – WP Support All-in-One Floating Widget | Medium | 6.5 | 2025-03-27 23:21:02 | Deep Dive |
| CVE-2024-58105 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.3 | 2025-03-25 17:37:39 | Deep Dive |
| CVE-2024-58104 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.3 | 2025-03-25 17:37:29 | Deep Dive |
| CVE-2024-10942 | All in One WP Migration <= 7.89 - Unauthenticated PHP Object Injection | servmask | All-in-One WP Migration and Backup | High | 7.5 | 2025-03-13 12:42:26 | Deep Dive |
| CVE-2025-1527 | ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module | devitemsllc | ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin | Medium | 6.4 | 2025-03-12 11:13:33 | Deep Dive |
| CVE-2025-26658 | Broken Authentication in SAP Business One (Service Layer) | SAP_SE | SAP Business One (Service Layer) | Medium | 6.8 | 2025-03-11 00:35:35 | Deep Dive |
| CVE-2024-10321 | All-in-One Addons for Elementor – WidgetKit <= 2.5.5 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | shamsbd71 | All-in-One Addons for Elementor – WidgetKit | Medium | 4.3 | 2025-03-08 08:22:56 | Deep Dive |
| CVE-2024-8682 | JNews - WordPress Newspaper Magazine Blog AMP Theme <= 11.6.6 - Unauthorized User Registration | https://themeforest.net/item/jnews-one-stop-solution-for-web-publishing/20566392 | JNews - WordPress Newspaper Magazine Blog AMP Theme | Medium | 5.3 | 2025-03-05 08:21:55 | Deep Dive |
| CVE-2025-23587 | WordPress all-in-one-box-login plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability | Ashek Al Mahmud | all-in-one-box-login | High | 7.1 | 2025-03-03 13:30:14 | Deep Dive |
| CVE-2025-0941 | MET ONE 3400+ Potential Credential Exposure | Beckman Coulter Life Sciences | MET ONE 3400+ | Medium | 5.8 | 2025-02-26 16:28:37 | Deep Dive |
| CVE-2025-27315 | WordPress All-In-One Cufon Plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability | wptom | All-In-One Cufon | Medium | 4.3 | 2025-02-24 14:48:59 | Deep Dive |
| CVE-2025-0591 | Out-of-bounds Read vulnerability in CX-Programmer | OMRON Corporation | FA Integrated Tool Package CX-One | High | 7.8 | 2025-02-16 23:58:32 | Deep Dive |
| CVE-2024-13654 | ZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Deletion | MVPThemes | ZoxPress - The All-In-One WordPress News Theme | High | 8.1 | 2025-02-12 04:22:17 | Deep Dive |
| CVE-2024-13653 | ZoxPress - The All-In-One WordPress News Theme <= 2.12.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update | MVPThemes | ZoxPress - The All-In-One WordPress News Theme | High | 8.8 | 2025-02-12 04:22:16 | Deep Dive |
| CVE-2024-13356 | DSGVO All in one for WP <= 4.6 - Cross-Site Request Forgery to Account Deletion | mlfactory | DSGVO All in one for WP | Medium | 6.5 | 2025-02-04 09:21:07 | Deep Dive |