d3sca Java-springboot-codebase 1.1 - Arbitrary File Read
webapps java CVE-2025-46822

Mohammed Idrees Banyamer WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass
webapps multiple CVE-2025-2594

Md Shoriful Islam WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
webapps multiple CVE-2025-3605

Alex Messham Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
webapps multiple CVE-2025-32370

Abdualhadi khalifa SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation
webapps multiple CVE-2025-27007

Andrew Long WordPress Depicter Plugin 3.6.1 - SQL Injection
webapps multiple CVE-2025-2011

Ahmed Thaiban ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
webapps python CVE-2025-28062

Sn1p3r-H4ck3r Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
webapps php CVE-2025-47226

Van Lam Nguyen Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
webapps go CVE-n/a

Milad karimi WordPress Core 6.2 - Directory Traversal
webapps php CVE-2023-2745

VeryLazyTech FoxCMS 1.2.5 - Remote Code Execution (RCE)
webapps multiple CVE-2025-29306

Milad karimi Drupal 11.x-dev - Full Path Disclosure
webapps php CVE-2024-45440

samogod KiviCare Clinic & Patient Management System (EHR) 3.6.4 - Unauthenticated SQL Injection
webapps php CVE-2024-11728

Cyd Tseng UJCMS 9.6.3 - User Enumeration via IDOR
webapps multiple CVE-2024-12483

pointedsec Inventio Lite 4 - SQL Injection
webapps php CVE-2024-44541

Arjun Chaudhary Apache Commons Text 1.10.0 - Remote Code Execution
webapps multiple CVE-2022-42889