| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-32906 | Libsoup: out of bounds reads in soup_headers_parse_request() | - | - | High | 7.5 | 2025-04-14 13:58:40 | Deep Dive |
| CVE-2025-32913 | Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header | - | - | High | 7.5 | 2025-04-14 13:37:37 | Deep Dive |
| CVE-2025-32242 | WordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerability | Hive Support | Hive Support | Medium | 6.5 | 2025-04-10 08:09:47 | Deep Dive |
| CVE-2025-32214 | WordPress Hive Support plugin <= 1.2.11 - Cross Site Scripting (XSS) vulnerability | Hive Support | Hive Support | Medium | 6.5 | 2025-04-10 08:09:45 | Deep Dive |
| CVE-2025-32208 | WordPress Hive Support plugin <= 1.2.5 - Broken Access Control vulnerability | Hive Support | Hive Support | Medium | 6.5 | 2025-04-10 08:09:44 | Deep Dive |
| CVE-2025-31008 | WordPress YouTube Embed plugin <= 5.3.1 - Cross Site Scripting (XSS) Vulnerability | Embeds For YouTube Plugin Support | YouTube Embed | Medium | 5.9 | 2025-04-09 16:10:19 | Deep Dive |
| CVE-2024-13604 | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin <= 1.7.4 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | logoninc | KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin | High | 7.5 | 2025-04-05 01:44:45 | Deep Dive |
| CVE-2025-32053 | Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() | - | - | Medium | 6.5 | 2025-04-03 13:37:39 | Deep Dive |
| CVE-2025-32052 | Libsoup: heap buffer overflow in sniff_unknown() | - | - | Medium | 6.5 | 2025-04-03 13:37:23 | Deep Dive |
| CVE-2025-32050 | Libsoup: integer overflow in append_param_quoted | - | - | Medium | 5.9 | 2025-04-03 13:36:29 | Deep Dive |
| CVE-2025-32049 | Libsoup: denial of service attack to websocket server | - | - | High | 7.5 | 2025-04-03 13:36:13 | Deep Dive |
| CVE-2025-3155 | Yelp: arbitrary file read | - | - | High | 7.4 | 2025-04-03 13:34:19 | Deep Dive |
| CVE-2025-31626 | WordPress Support Helpdesk Ticket System Lite plugin <= 4.5.2 - Reflected Cross Site Scripting (XSS) vulnerability | M. Ali Saleem | Support Helpdesk Ticket System Lite | High | 7.1 | 2025-04-03 13:27:12 | Deep Dive |
| CVE-2025-2784 | Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content | - | - | High | 7.0 | 2025-04-03 01:40:12 | Deep Dive |
| CVE-2025-31861 | WordPress Perfect Font Awesome Integration Plugin <= 2.3 - Stored Cross Site Scripting (XSS) vulnerability | WPOrbit Support | Perfect Font Awesome Integration | Medium | 6.5 | 2025-04-01 14:52:06 | Deep Dive |
| CVE-2024-13567 | Awesome Support – WordPress HelpDesk & Support Plugin <= 6.3.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory | awesomesupport | Awesome Support – WordPress HelpDesk & Support Plugin | High | 7.5 | 2025-04-01 05:22:46 | Deep Dive |
| CVE-2025-31092 | WordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability | Ninja Team | Click to Chat – WP Support All-in-One Floating Widget | Medium | 6.5 | 2025-03-27 23:21:02 | Deep Dive |
| CVE-2025-30854 | WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerability | Vollstart | Serial Codes Generator and Validator with WooCommerce Support | Medium | 4.3 | 2025-03-27 10:55:28 | Deep Dive |
| CVE-2025-30777 | WordPress Support Genix plugin <= 1.4.11 - Insecure Direct Object References (IDOR) Vulnerability | DevItems | Support Genix | Medium | 4.3 | 2025-03-27 10:54:43 | Deep Dive |
| CVE-2025-2542 | Your Simple SVG Support <= 1.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | obbdpu | Your Simple SVG Support | Medium | 6.4 | 2025-03-25 09:22:02 | Deep Dive |