| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58790 | WordPress Kiwi Plugin <= 2.1.8 - Cross Site Scripting (XSS) Vulnerability | WPKube | Kiwi | Medium | 6.5 | 2025-09-05 13:44:59 | Deep Dive |
| CVE-2024-45718 | Sensitive data disclosure vulnerability | SolarWinds | Kiwi Syslog NG | Medium | 4.6 | 2025-02-11 07:19:22 | Deep Dive |
| CVE-2024-45713 | SolarWinds Kiwi CatTools Sensitive Information Disclosure Vulnerability | SolarWinds | Kiwi CatTools | Medium | 5.1 | 2024-10-17 11:02:33 | Deep Dive |
| CVE-2024-3228 | Social Sharing Plugin – Kiwi <= 2.1.7 - Information Disclosure | wpkube | Social Sharing Plugin – Kiwi | Medium | 5.3 | 2024-07-09 08:33:08 | Deep Dive |
| CVE-2023-36809 | Kiwi TCMS's misconfigured HTTP headers allow stored XSS execution with Firefox | kiwitcms | Kiwi | High | 8.1 | 2023-07-05 21:02:38 | Deep Dive |
| CVE-2021-4362 | WordPress Plugin Kiwi Social Share 安全漏洞 | wpkube | Social Sharing Plugin – Kiwi | Critical | 9.8 | 2023-06-07 01:51:28 | Deep Dive |
| CVE-2023-33977 | Stored cross site scripting (XSS) via unrestricted file upload in Kiwi TCMS | kiwitcms | Kiwi | High | 8.1 | 2023-06-06 18:03:19 | Deep Dive |
| CVE-2023-32686 | kiwitcms vulnerable to stored XSS via unrestricted files upload | kiwitcms | Kiwi | High | 8.1 | 2023-05-27 03:58:10 | Deep Dive |
| CVE-2023-30628 | Kiwi TCMS has command injection vulnerability in changelog.yml CI workflow | kiwitcms | Kiwi | High | 8.8 | 2023-04-24 21:17:33 | Deep Dive |
| CVE-2023-30613 | Kiwi TCMS unrestricted file upload vulnerability | kiwitcms | Kiwi | High | 8.1 | 2023-04-24 16:29:16 | Deep Dive |
| CVE-2023-30544 | Kiwi TCMS may allow user to update email address to unverified one | kiwitcms | Kiwi | Low | 3.9 | 2023-04-24 16:26:09 | Deep Dive |
| CVE-2023-27489 | Stored cross site scripting via SVG file upload in Kiwi TCMS | kiwitcms | Kiwi | High | 7.6 | 2023-03-29 18:30:18 | Deep Dive |
| CVE-2023-25171 | Kiwi TCMS has denial of service vulnerability on Password reset page | kiwitcms | kiwi | High | 7.5 | 2023-02-15 00:00:00 | Deep Dive |
| CVE-2023-25156 | Kiwi TCMS has no protection against brute-force attacks on login page | kiwitcms | kiwi | High | 7.5 | 2023-02-15 00:00:00 | Deep Dive |
| CVE-2023-22451 | Weak password requirements in Kiwi TCMS | kiwitcms | Kiwi | Medium | 6.5 | 2023-01-02 15:56:43 | Deep Dive |
| CVE-2022-4105 | Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi | kiwitcms | kiwitcms/kiwi | 中危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2021-35237 | Clickjacking Vulnerability | SolarWinds | Kiwi Syslog Server | Medium | 5.0 | 2021-10-29 13:32:18 | Deep Dive |
| CVE-2021-35236 | Missing Secure Flag From SSL Cookie | SolarWinds | Kiwi Syslog Server | Low | 3.1 | 2021-10-27 00:57:02 | Deep Dive |
| CVE-2021-35235 | ASP.NET Debug Feature Enabled | SolarWinds | Kiwi Syslog Server | Medium | 5.3 | 2021-10-27 00:55:43 | Deep Dive |
| CVE-2021-35233 | HTTP TRACK & TRACE Methods Enabled | SolarWinds | Kiwi Syslog Server | Medium | 5.3 | 2021-10-27 00:51:36 | Deep Dive |