| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4414 | WordPress CMSMasters Content Composer plugin < 2.5.7 - Local File Inclusion vulnerability | cmsmasters | CMSMasters Content Composer | High | 8.1 | 2025-07-04 11:17:51 | Deep Dive |
| CVE-2025-53301 | WordPress Theme Junkie Team Content plugin <= 0.1.1 - Cross Site Scripting (XSS) Vulnerability | Theme Junkie | Theme Junkie Team Content | Medium | 6.5 | 2025-06-27 13:21:30 | Deep Dive |
| CVE-2025-28993 | WordPress Content No Cache plugin <= 0.1.4 - Arbitrary Function Call vulnerability | Jose Mortellaro | Content No Cache | High | 8.6 | 2025-06-27 11:52:41 | Deep Dive |
| CVE-2025-6206 | Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.5.0 - Authenticated (Subscriber+) Arbitrary File Upload | CodeRevolution | Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit | High | 7.5 | 2025-06-24 08:23:55 | Deep Dive |
| CVE-2025-49234 | WordPress WP Dummy Content Generator plugin <= 3.4.6 - Arbitrary User Deletion vulnerability | Deepak anand | WP Dummy Content Generator | Medium | 6.5 | 2025-06-17 15:01:31 | Deep Dive |
| CVE-2025-49875 | WordPress If-So Dynamic Content Personalization plugin <= 1.9.3.1 - Cross Site Scripting (XSS) Vulnerability | If-So Dynamic Content | If-So Dynamic Content Personalization | Medium | 6.5 | 2025-06-17 15:01:15 | Deep Dive |
| CVE-2025-4315 | CubeWP – All-in-One Dynamic Content Framework <= 1.1.23 - Authenticated (Subscriber+) Privilege Escalation | cubewp1211 | CubeWP Framework | High | 8.8 | 2025-06-11 09:22:33 | Deep Dive |
| CVE-2025-30634 | WordPress WP Featured Content Slider plugin <= 2.6 - Cross Site Scripting (XSS) Vulnerability | IWEBIX | WP Featured Content Slider | Medium | 5.9 | 2025-06-06 12:54:22 | Deep Dive |
| CVE-2025-1777 | BM Content Builder <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via ux_cb_page_options_save | SeaTheme | BM Content Builder | Medium | 6.4 | 2025-06-06 05:22:43 | Deep Dive |
| CVE-2025-5633 | code-projects/anirbandutta9 Content Management System/News-Buzz users.php sql injection | code-projects | Content Management System | Medium | 6.3 | 2025-06-05 03:31:05 | Deep Dive |
| CVE-2025-5632 | code-projects/anirbandutta9 Content Management System/News-Buzz users.php sql injection | code-projects | Content Management System | Medium | 6.3 | 2025-06-05 03:00:11 | Deep Dive |
| CVE-2025-5631 | code-projects/anirbandutta9 Content Management System/News-Buzz publicposts.php sql injection | code-projects | Content Management System | High | 7.3 | 2025-06-05 02:31:05 | Deep Dive |
| CVE-2025-48009 | Single Content Sync - Moderately critical - Access bypass - SA-CONTRIB-2025-060 | Drupal | Single Content Sync | - | - | 2025-05-21 16:22:45 | Deep Dive |
| CVE-2024-51475 | IBM Content Navigator HTML injection | IBM | Content Navigator | Medium | 5.4 | 2025-05-16 00:44:44 | Deep Dive |
| CVE-2024-6667 | kbucket < 4.1.5 - Reflected XSS | Unknown | KBucket: Your Curated Content in WordPress | - | - | 2025-05-15 20:07:08 | Deep Dive |
| CVE-2024-6665 | kbucket < 4.1.6 - Admin+ Stored XSS | Unknown | KBucket: Your Curated Content in WordPress | - | - | 2025-05-15 20:07:08 | Deep Dive |
| CVE-2024-5440 | If-So Dynamic Content Personalization < 1.8.0.3 - Contributor+ Shortcode Stored XSS | Unknown | If-So Dynamic Content Personalization | - | - | 2025-05-15 20:07:06 | Deep Dive |
| CVE-2025-4579 | WP Content Security Plugin <= 2.3 - Unauthenticated Stored Cross-Site Scripting via CSP-Report Fields | dyland | WP Content Security Plugin | High | 7.2 | 2025-05-15 01:59:24 | Deep Dive |
| CVE-2025-4545 | CTCMS Content Management System File Tpl.php del path traversal | CTCMS | Content Management System | Medium | 5.4 | 2025-05-11 19:31:04 | Deep Dive |
| CVE-2025-47501 | WordPress Content Control plugin <= 2.6.1 - Cross Site Scripting (XSS) Vulnerability | Daniel Iser | Content Control | Medium | 6.5 | 2025-05-07 14:19:57 | Deep Dive |