{
"Source": "CVE FEED",
"Title": "CVE-2025-62136 - WordPress Melos theme <= 1.6.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62136
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Melos allows Stored XSS.This issue affects Melos: from n/a through 1.6.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62136 - WordPress Melos theme <= 1.6.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62136
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Melos allows Stored XSS.This issue affects Melos: from n/a through 1.6.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62137 - WordPress Shuttle theme <= 1.5.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62137
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shuttlethemes Shuttle allows Stored XSS.This issue affects Shuttle: from n/a through 1.5.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62137 - WordPress Shuttle theme <= 1.5.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62137
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shuttlethemes Shuttle allows Stored XSS.This issue affects Shuttle: from n/a through 1.5.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62146 - WordPress MX Time Zone Clocks plugin <= 5.1.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62146
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks allows Stored XSS.This issue affects MX Time Zone Clocks: from n/a through 5.1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62146 - WordPress MX Time Zone Clocks plugin <= 5.1.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62146
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks allows Stored XSS.This issue affects MX Time Zone Clocks: from n/a through 5.1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62758 - WordPress Funnelforms Free plugin <= 3.8 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62758
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Funnelforms Funnelforms Free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through 3.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62758 - WordPress Funnelforms Free plugin <= 3.8 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62758
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Funnelforms Funnelforms Free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through 3.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62759 - WordPress Series plugin <= 2.0.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62759
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Series allows Stored XSS.This issue affects Series: from n/a through 2.0.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62759 - WordPress Series plugin <= 2.0.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62759
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Series allows Stored XSS.This issue affects Series: from n/a through 2.0.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62760 - WordPress BuddyPress Activity Shortcode plugin <= 1.1.8 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62760
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BuddyDev BuddyPress Activity Shortcode allows Stored XSS.This issue affects BuddyPress Activity Shortcode: from n/a through 1.1.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62760 - WordPress BuddyPress Activity Shortcode plugin <= 1.1.8 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62760
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BuddyDev BuddyPress Activity Shortcode allows Stored XSS.This issue affects BuddyPress Activity Shortcode: from n/a through 1.1.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62761 - WordPress Knowledge Base documentation & wiki plugin – BasePress plugin <= 2.17.0.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62761
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.17.0.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62761 - WordPress Knowledge Base documentation & wiki plugin – BasePress plugin <= 2.17.0.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62761
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.17.0.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-49028 - WordPress Zoho ZeptoMail plugin <= 3.3.1 - cross site request forgery (csrf) to stored xss vulnerability",
"Content": "CVE ID : CVE-2025-49028
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Zoho Mail Zoho ZeptoMail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through 3.3.1.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-49028 - WordPress Zoho ZeptoMail plugin <= 3.3.1 - cross site request forgery (csrf) to stored xss vulnerability",
"Content": "CVE ID : CVE-2025-49028
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Zoho Mail Zoho ZeptoMail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through 3.3.1.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-15388 - QNO Technology|VPN Firewall - OS Command Injection",
"Content": "CVE ID : CVE-2025-15388
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-15388 - QNO Technology|VPN Firewall - OS Command Injection",
"Content": "CVE ID : CVE-2025-15388
Published : Dec. 31, 2025, 9:15 a.m. | 1 hour, 46 minutes ago
Description : VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-63032 - WordPress Consulting theme <= 1.5.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-63032
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-63032 - WordPress Consulting theme <= 1.5.0 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-63032
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Consulting allows Stored XSS.This issue affects Consulting: from n/a through 1.5.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62748 - WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62748
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62748 - WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.5 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62748
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62749 - WordPress User Specific Content plugin <= 1.0.6 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62749
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62749 - WordPress User Specific Content plugin <= 1.0.6 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62749
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bainternet User Specific Content allows DOM-Based XSS.This issue affects User Specific Content: from n/a through 1.0.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62752 - WordPress Calendar.online / Kalender.digital plugin <= 1.0.11 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62752
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kalender.Digital Calendar.Online / Kalender.Digital allows DOM-Based XSS.This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.11.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62752 - WordPress Calendar.online / Kalender.digital plugin <= 1.0.11 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62752
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kalender.Digital Calendar.Online / Kalender.Digital allows DOM-Based XSS.This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.11.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62756 - WordPress The Moneytizer plugin <= 10.0.6 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62756
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lvaudore The Moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through 10.0.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62756 - WordPress The Moneytizer plugin <= 10.0.6 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62756
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lvaudore The Moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through 10.0.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62757 - WordPress WebMan Amplifier plugin <= 1.5.12 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62757
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62757 - WordPress WebMan Amplifier plugin <= 1.5.12 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62757
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62991 - WordPress Minamaze theme <= 1.10.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62991
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Minamaze allows Stored XSS.This issue affects Minamaze: from n/a through 1.10.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62991 - WordPress Minamaze theme <= 1.10.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62991
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThinkUpThemes Minamaze allows Stored XSS.This issue affects Minamaze: from n/a through 1.10.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62135 - WordPress Responsive Block Control plugin <= 1.2.9 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62135
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in landwire Responsive Block Control allows DOM-Based XSS.This issue affects Responsive Block Control: from n/a through 1.2.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62135 - WordPress Responsive Block Control plugin <= 1.2.9 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-62135
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in landwire Responsive Block Control allows DOM-Based XSS.This issue affects Responsive Block Control: from n/a through 1.2.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-49358 - WordPress Content Fetcher plugin <= 1.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-49358
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ruhul Amin Content Fetcher allows DOM-Based XSS.This issue affects Content Fetcher: from n/a through 1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-49358 - WordPress Content Fetcher plugin <= 1.1 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-49358
Published : Dec. 31, 2025, 12:16 p.m. | 47 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ruhul Amin Content Fetcher allows DOM-Based XSS.This issue affects Content Fetcher: from n/a through 1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-49349 - WordPress Reuters Direct plugin <= 3.0.0 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-49349
Published : Dec. 31, 2025, 2:48 p.m. | 17 minutes ago
Description : Missing Authorization vulnerability in Reuters News Agency Reuters Direct allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reuters Direct: from n/a through 3.0.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-49349 - WordPress Reuters Direct plugin <= 3.0.0 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-49349
Published : Dec. 31, 2025, 2:48 p.m. | 17 minutes ago
Description : Missing Authorization vulnerability in Reuters News Agency Reuters Direct allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reuters Direct: from n/a through 3.0.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62098 - WordPress Portfolio Gallery plugin <= 1.4.8 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-62098
Published : Dec. 31, 2025, 2:47 p.m. | 18 minutes ago
Description : Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62098 - WordPress Portfolio Gallery plugin <= 1.4.8 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-62098
Published : Dec. 31, 2025, 2:47 p.m. | 18 minutes ago
Description : Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
{
"Source": "CVE FEED",
"Title": "CVE-2025-62091 - WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.8.2 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-62091
Published : Dec. 31, 2025, 2:19 p.m. | 46 minutes ago
Description : Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.8.2.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹
"Source": "CVE FEED",
"Title": "CVE-2025-62091 - WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.8.2 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-62091
Published : Dec. 31, 2025, 2:19 p.m. | 46 minutes ago
Description : Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.8.2.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "31 Dec 2025",
"Type": "Vulnerability"
}
🔹 t.me/cvedetector 🔹