Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 31 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-13587 Two Factor (2FA) Authentication via Email <= 1.9.8 - Two-Factor Authentication Bypass via token ss88_ukTwo Factor (2FA) Authentication via Email Medium 6.5 2026-02-19 04:36:06 Deep Dive
CVE-2025-10293 Keyy Two Factor Authentication (like Clef) <= 1.2.3 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover nexistKeyy Two Factor Authentication (like Clef) High 8.8 2025-10-15 08:25:50 Deep Dive
CVE-2025-58658 WordPress Proof Factor – Social Proof Notifications Plugin <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability Proof Factor LLCProof Factor &#8211; Social Proof Notifications Medium 5.9 2025-09-22 18:23:04 Deep Dive
CVE-2025-7030 Two-factor Authentication (TFA) - Less critical - Access bypass - SA-CONTRIB-2025-085 DrupalTwo-factor Authentication (TFA)--2025-07-08 20:54:14 Deep Dive
CVE-2025-31694 Two-factor Authentication (TFA) - Moderately critical - Access bypass - SA-CONTRIB-2025-023 DrupalTwo-factor Authentication (TFA) 中危 -2025-03-31 21:51:40 Deep Dive
CVE-2024-13279 Two-factor Authentication (TFA) - Critical - Access bypass - SA-CONTRIB-2024-043 DrupalTwo-factor Authentication (TFA) 中危 -2025-01-09 19:31:46 Deep Dive
CVE-2024-13239 Two-factor Authentication (TFA) - Moderately critical - Access bypass - SA-CONTRIB-2024-003 DrupalTwo-factor Authentication (TFA) 中危 -2025-01-09 18:35:46 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-8796 Insufficient Default OTP Shared Secret Length devise-two-factordevise-two-factor Medium 5.3 2024-09-17 17:12:13 Deep Dive
CVE-2022-4536 IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass youtagTwo-factor authentication (formerly IP Vault) Medium 5.3 2024-08-31 08:35:18 Deep Dive
CVE-2024-5658 CraftCMS Plugin - Two-Factor Authentication - TOTP Token Stays Valid After Use Born05CraftCMS Plugin - Two-Factor Authentication Medium 4.8 2024-06-06 10:32:07 Deep Dive
CVE-2024-5657 CraftCMS Plugin - Two-Factor Authentication - Password Hash Disclosure Born05CraftCMS Plugin - Two-Factor Authentication Low 3.7 2024-06-06 10:29:40 Deep Dive
CVE-2023-6506 WP 2FA <= 2.5.0 - Insecure Direct Object Reference to Arbitrary Email Sending melapressWP 2FA – Two-factor authentication for WordPress Medium 4.3 2024-01-11 06:49:34 Deep Dive
CVE-2023-6520 WP 2FA – Two-factor authentication for WordPress <= 2.5.0 - Cross-Site Request Forgery melapressWP 2FA – Two-factor authentication for WordPress Medium 4.3 2024-01-11 06:49:30 Deep Dive
CVE-2023-28786 WordPress Solid Security Plugin <= 8.1.4 is vulnerable to Open Redirection SolidWPSolid Security – Password, Two Factor Authentication, and Brute Force Protection Low 3.7 2023-12-29 09:46:32 Deep Dive
CVE-2022-44589 WordPress miniOrange's Google Authenticator Plugin <= 5.6.1 is vulnerable to Sensitive Data Exposure miniOrangeminiOrange's Google Authenticator – WordPress Two Factor Authentication – 2FA , Two Factor, OTP SMS and Email | Passwordless login High 8.1 2023-12-29 09:40:07 Deep Dive
CVE-2022-4943 miniOrange's Google Authenticator <= 5.6.5 - Missing Authorization to Plugin Settings Change cyberlord92miniOrange 2FA – Two-Factor Authentication for WordPress (SMS, Email & Google Authenticator) High 7.5 2023-10-20 07:29:21 Deep Dive
CVE-2022-1321 miniOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting UnknownminiOrange's Google Authenticator – WordPress Two Factor Authentication (2FA , Two Factor, OTP SMS and Email) | Passwordless login 中危 -2022-06-27 08:56:28 Deep Dive
CVE-2022-1527 WP 2FA < 2.2.1 - Reflected Cross-Site Scripting UnknownWP 2FA – Two-factor authentication for WordPress 中危 -2022-05-30 08:35:48 Deep Dive
CVE-2021-43177 Devise-Two-Factor 安全漏洞 Tinfoildevise-two-factor 中危 -2022-04-11 19:37:40 Deep Dive