| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2027 | AMP Enhancer <= 1.0.49 - Authenticated (Administrator+) Stored Cross-Site Scripting via AMP Custom CSS Setting | ampenhancer | AMP Enhancer – Compatibility Layer for Official AMP Plugin | Medium | 4.4 | 2026-02-14 04:35:40 | Deep Dive |
| CVE-2026-1514 | 2100 Technology|Official Document Management System - Incorrect Authorization | 2100 Technology | Official Document Management System | Medium | 6.5 | 2026-01-28 03:39:56 | Deep Dive |
| CVE-2026-24551 | WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability | monetagwp | Monetag Official Plugin | Medium | 5.4 | 2026-01-23 14:28:53 | Deep Dive |
| CVE-2025-64272 | WordPress Email marketing for WordPress by GetResponse Official plugin <= 1.5.3 - Sensitive Data Exposure vulnerability | GetResponse | Email marketing for WordPress by GetResponse Official | - | - | 2025-12-18 07:22:15 | Deep Dive |
| CVE-2025-64273 | WordPress Email marketing for WordPress by GetResponse Official plugin <= 1.5.3 - Broken Access Control vulnerability | GetResponse | Email marketing for WordPress by GetResponse Official | Medium | 6.5 | 2025-12-18 07:22:15 | Deep Dive |
| CVE-2025-13993 | MailerLite – Signup forms (official) <= 1.7.16 - Authenticated (Administrator+) Stored Cross-Site Scripting | mailerlite | MailerLite – Signup forms (official) | Medium | 5.5 | 2025-12-12 09:20:29 | Deep Dive |
| CVE-2025-49950 | WordPress Official Integration for Billingo plugin <= 4.3.0 - Privilege Escalation vulnerability | billingo | Official Integration for Billingo | High | 7.2 | 2025-10-22 14:32:19 | Deep Dive |
| CVE-2025-8853 | 2100 Technology|Official Document Management System - Authentication Bypass | 2100 Technology | Official Document Management System | Critical | 9.8 | 2025-08-11 09:04:20 | Deep Dive |
| CVE-2025-7620 | DSIC|Cross-browser Components for Official Document Creation - Remote Code Execution | DSIC | Cross-browser Components for Official Document Creation | High | 8.8 | 2025-07-14 03:16:00 | Deep Dive |
| CVE-2025-46498 | WordPress Zalo Official Live Chat plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability | nghialuu | Zalo Official Live Chat | Medium | 5.4 | 2025-04-24 16:09:28 | Deep Dive |
| CVE-2025-32241 | WordPress Official CleverReach WooCommerce Integration plugin <= 3.4.6 - CSRF to Settings Change vulnerability | CleverReach® | Official CleverReach Plugin for WooCommerce | Medium | 6.5 | 2025-04-04 15:59:23 | Deep Dive |
| CVE-2025-28885 | WordPress Fiverr.com Official Search Box plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability | fiverraffiliates | Fiverr.com Official Search Box | Medium | 6.5 | 2025-03-26 14:24:23 | Deep Dive |
| CVE-2025-30604 | WordPress JiangQie Official Website Mini Program plugin <= 1.8.2 - SQL Injection Vulnerability | jiangqie | JiangQie Official Website Mini Program | High | 7.6 | 2025-03-24 13:47:24 | Deep Dive |
| CVE-2025-28876 | WordPress Skrill Official plugin <= 1.0.66 - Cross Site Request Forgery (CSRF) vulnerability | Skrill_Team | Skrill Official | Medium | 4.3 | 2025-03-11 21:00:42 | Deep Dive |
| CVE-2025-0801 | RateMyAgent Official <= 1.4.0 - Cross-Site Request Forgery to API Key Update | ratemyagent | RateMyAgent Official | Medium | 4.3 | 2025-02-28 04:21:57 | Deep Dive |
| CVE-2024-13725 | Keap Official Opt-in Forms <= 2.0.1 - Unauthenticated Limited Local File Inclusion | infusionsoft | Keap Official Opt-in Forms | Critical | 9.8 | 2025-02-18 04:21:16 | Deep Dive |
| CVE-2024-52500 | WordPress Monetag Official Plugin plugin <= 1.1.3 - Broken Access Control vulnerability | monetagwp | Monetag Official Plugin | High | 7.2 | 2025-02-14 12:45:33 | Deep Dive |
| CVE-2024-49249 | WordPress SMSA Shipping plugin <= 2.3 - Arbitrary File Deletion vulnerability | SMSA Express | SMSA Shipping | High | 8.6 | 2025-01-07 10:49:35 | Deep Dive |
| CVE-2024-13061 | 2100 Technology Electronic Official Document Management System - Authentication Bypass | 2100 Technology Electronic | Official Document Management System | Critical | 9.8 | 2024-12-31 11:13:47 | Deep Dive |
| CVE-2024-12066 | SMSA Shipping(official) <= 2.3 - Authenticated (Subscriber+) Arbitrary File Deletion | smsaexpress | SMSA Shipping (official) | High | 8.8 | 2024-12-21 07:02:59 | Deep Dive |