Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 24 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-12379 Shortcodes and extra features for Phlox theme <= 2.17.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading Widget avertaShortcodes and extra features for Phlox theme Medium 6.4 2026-01-10 13:47:35 Deep Dive
CVE-2025-13215 Shortcodes and extra features for Phlox theme <= 2.17.13 - Unauthenticated Draft Posts Information Exposure avertaShortcodes and extra features for Phlox theme Medium 5.3 2026-01-06 06:36:26 Deep Dive
CVE-2025-62111 WordPress Extra Shortcodes plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability webvitalyExtra Shortcodes Medium 6.5 2025-12-31 13:05:55 Deep Dive
CVE-2025-69016 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerability avertaShortcodes and extra features for Phlox theme 中危 -2025-12-30 10:47:54 Deep Dive
CVE-2025-63071 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Sensitive Data Exposure vulnerability avertaShortcodes and extra features for Phlox theme--2025-12-09 14:52:36 Deep Dive
CVE-2024-50500 WordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerability avertaShortcodes and extra features for Phlox theme Medium 4.3 2025-02-03 14:23:50 Deep Dive
CVE-2025-22817 WordPress BP Profile Shortcodes Extra plugin <= 2.6.0 - Cross Site Scripting (XSS) vulnerability VenutiusBP Profile Shortcodes Extra Medium 6.5 2025-01-09 15:39:02 Deep Dive
CVE-2024-12588 Shortcodes and extra features for Phlox theme <= 2.17.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Staff Widget avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-12-21 08:24:00 Deep Dive
CVE-2024-9545 Shortcodes and extra features for Phlox theme <= 2.17.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via aux_contact_box and aux_gmaps Shortcodes avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-12-21 08:23:59 Deep Dive
CVE-2024-11732 BP Profile Shortcodes Extra <= 2.6.0 - Authenticated (Contributor+) SQL Injection via tab Parameter venutiusBP Profile Shortcodes Extra Medium 6.5 2024-12-03 07:35:01 Deep Dive
CVE-2024-8486 Shortcodes and extra features for Phlox theme <= 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading and Icon Picker Widgets avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-10-05 07:39:01 Deep Dive
CVE-2023-37888 WordPress Phlox Core Elements plugin <= 2.14.0 - Unauthenticated Local File Inclusion vulnerability By AvertaShortcodes and extra features for Phlox theme High 7.6 2024-05-17 06:48:41 Deep Dive
CVE-2023-7064 Shortcodes and extra features for Phlox theme <= 2.17.5 - Authenticated (Subscriber+) PHP Object Injection via auxin_template_control_importer avertaShortcodes and extra features for Phlox theme High 7.5 2024-05-02 16:52:51 Deep Dive
CVE-2024-3517 Shortcodes and extra features for Phlox theme <= 2.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Widget avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-05-02 16:52:29 Deep Dive
CVE-2024-1533 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-05-02 16:52:23 Deep Dive
CVE-2024-1396 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-05-02 16:52:08 Deep Dive
CVE-2024-3341 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-05-02 16:51:59 Deep Dive
CVE-2024-1348 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-05-02 16:51:45 Deep Dive
CVE-2024-1357 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode avertaShortcodes and extra features for Phlox theme Medium 6.4 2024-04-16 09:33:00 Deep Dive
CVE-2024-31099 WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability AvertaShortcodes and extra features for Phlox theme Medium 6.4 2024-04-01 14:07:10 Deep Dive