| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2294 | UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.09 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update | admintwentytwenty | UiPress lite | Effortless custom dashboards, admin themes and pages | Medium | 4.3 | 2026-03-21 03:26:48 | Deep Dive |
| CVE-2026-27091 | WordPress UiPress lite plugin <= 3.5.09 - Broken Access Control vulnerability | UiPress | UiPress lite | Medium | 6.3 | 2026-03-19 06:48:22 | Deep Dive |
| CVE-2025-10938 | UiPress lite <= 3.5.08 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure | admintwentytwenty | UiPress lite | Effortless custom dashboards, admin themes and pages | Medium | 6.5 | 2025-11-21 07:31:56 | Deep Dive |
| CVE-2025-11003 | UiPress lite <= 3.5.08 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | admintwentytwenty | UiPress lite | Effortless custom dashboards, admin themes and pages | Medium | 6.4 | 2025-11-21 07:31:55 | Deep Dive |
| CVE-2025-11815 | UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.08 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Update | admintwentytwenty | UiPress lite | Effortless custom dashboards, admin themes and pages | Medium | 4.3 | 2025-11-21 07:31:53 | Deep Dive |
| CVE-2025-3053 | UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.07 - Authenticated (Subscriber+) Remote Code Execution | admintwentytwenty | UiPress lite | Effortless custom dashboards, admin themes and pages | High | 8.8 | 2025-05-15 04:21:50 | Deep Dive |
| CVE-2025-1309 | UiPress lite | Effortless custom dashboards, admin themes and pages <= 3.5.04 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update | admintwentytwenty | UiPress lite | Effortless custom dashboards, admin themes and pages | High | 8.8 | 2025-03-07 07:22:24 | Deep Dive |
| CVE-2024-38788 | WordPress UiPress lite plugin <= 3.4.06 - SQL Injection vulnerability | Bởi Admin 2020 | UiPress lite | High | 7.6 | 2024-07-22 10:06:01 | Deep Dive |