Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

328 New today

65,671 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

Jun 13

Jun 14

443

Jun 15

630

Jun 16

464

Jun 17

Jun 18

352

Jun 19

Jun 20

104

Jun 21

317

Jun 22

294

Jun 23

355

Jun 24

376

Jun 25

Jun 26

Critical

High

Medium

Low

Latest

CVE-2025-3058 Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update

Vulnerability Details Basic Information Title CVE-2025-3058 Xelion Webchat

Apr 24, 2025

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
Unknown	ADV-1369	CVE-2025-3065 Database Toolset <= 1.8.4 - Unauthenticated Arbitrary File Deletion Vulnerability Details Basic Information Title CVE-2025-3065 Database Toolset	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1368	CVE-2025-2543 Advanced Accordion Gutenberg Block <= 5.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload Vulnerability Details Basic Information Title CVE-2025-2543 Advanced Accordion Gutenberg Block	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1367	CVE-2025-3101 Configurator Theme Core <= 1.4.7 - Authenticated (Subscriber+) Privilege Escalation Vulnerability Details Basic Information Title CVE-2025-3101 Configurator Theme Core	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1366	CVE-2025-3604 Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover Vulnerability Details Basic Information Title CVE-2025-3604 Flynax Bridge	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1365	CVE-2025-3607 Frontend Login and Registration Blocks <= 1.0.7 - Authenticated (Subscriber+) Privilege Escalation via Password Reset Vulnerability Details Basic Information Title CVE-2025-3607 Frontend Login and Registration Blocks	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1364	CVE-2025-2579 Lottie Player <= 1.1.8 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload Vulnerability Details Basic Information Title CVE-2025-2579 Lottie Player	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1363	CVE-2025-3300 WPMasterToolKit (WPMTK) – All in one plugin <= 2.5.2 - Authenticated (Administrator+) to Arbitrary File Read and Write Vulnerability Details Basic Information Title CVE-2025-3300 WPMasterToolKit (WPMTK) – All in one plugin	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1362	CVE-2025-3832 FuseDesk <= 6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via successredirect Parameter Vulnerability Details Basic Information Title CVE-2025-3832 FuseDesk	N/A	N/A	Apr 24, 2025	NEWS
Unknown	ADV-1361	CVE-2025-3280 ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes <= 1.4.9 - Authenticated (Subscriber+) SQL Injection Vulnerability Details Basic Information Title CVE-2025-3280 ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes	N/A	N/A	Apr 24, 2025	NEWS

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

CVE-2025-3058 Xelion Webchat <= 9.1.0 - Authenticated (Subscriber+) Arbitrary Options Update

Recent Advisories

CVE-2025-3065 Database Toolset <= 1.8.4 - Unauthenticated Arbitrary File Deletion

CVE-2025-2543 Advanced Accordion Gutenberg Block <= 5.0.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

CVE-2025-3101 Configurator Theme Core <= 1.4.7 - Authenticated (Subscriber+) Privilege Escalation

CVE-2025-3604 Flynax Bridge <= 2.2.0 - Unauthenticated Privilege Escalation via Account Takeover

CVE-2025-3607 Frontend Login and Registration Blocks <= 1.0.7 - Authenticated (Subscriber+) Privilege Escalation via Password Reset

CVE-2025-2579 Lottie Player <= 1.1.8 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload

CVE-2025-3300 WPMasterToolKit (WPMTK) – All in one plugin <= 2.5.2 - Authenticated (Administrator+) to Arbitrary File Read and Write

CVE-2025-3832 FuseDesk <= 6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via successredirect Parameter

CVE-2025-3280 ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes <= 1.4.9 - Authenticated (Subscriber+) SQL Injection

Protect Your Attack Surface with RedGem

Security Intelligence
Feed