| CVE-2026-6393 | BetterDocs <= 4.3.11 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 4.3 | 2026-04-24 03:27:06 | Deep Dive |
| CVE-2026-5426 | KnowledgeDeliver deployments before February 24, 2026 use a static ASP.NET/IIS machineKey value | Digital Knowledge | KnowledgeDeliver | - | - | 2026-04-16 15:18:46 | Deep Dive |
| CVE-2026-3875 | BetterDocs <= 4.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 6.4 | 2026-04-16 06:44:52 | Deep Dive |
| CVE-2025-36187 | Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge | IBM | Knowledge Catalog Standard Cartridge | Medium | 4.4 | 2026-03-25 21:26:47 | Deep Dive |
| CVE-2026-1393 | Add Google Social Profiles to Knowledge Graph Box <= 1.0 - Cross-Site Request Forgery to Settings Update | omarnas | Add Google Social Profiles to Knowledge Graph Box | Medium | 4.3 | 2026-03-21 03:26:36 | Deep Dive |
| CVE-2026-25402 | WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability | echoplugins | Knowledge Base for Documentation, FAQs with AI Assistance | - | - | 2026-02-19 08:27:04 | Deep Dive |
| CVE-2025-13921 | weDocs <= 2.1.16 - Missing Authorization to Authenticated (Subscriber+) Documentation Post Update | wedevs | weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot | Medium | 4.3 | 2026-01-23 13:24:24 | Deep Dive |
| CVE-2025-14574 | weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.1.15 - Unauthenticated Sensitive Information Exposure | wedevs | weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot | Medium | 5.3 | 2026-01-09 06:34:56 | Deep Dive |
| CVE-2025-14980 | BetterDocs <= 4.3.3 - Authenticated (Contributor+) Sensitive Information Exposure | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 6.5 | 2026-01-09 06:34:53 | Deep Dive |
| CVE-2025-62761 | WordPress Knowledge Base documentation & wiki plugin – BasePress plugin <= 2.17.0.1 - Cross Site Scripting (XSS) vulnerability | BasePress | Knowledge Base documentation & wiki plugin – BasePress | Medium | 6.5 | 2025-12-31 08:44:23 | Deep Dive |
| CVE-2025-68992 | WordPress BWL Knowledge Base Manager plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability | xenioushk | BWL Knowledge Base Manager | 中危 | - | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-12505 | weDocs <= 2.1.14 - Missing Authorization to Settings Update | wedevs | weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot | Medium | 5.4 | 2025-12-06 04:37:50 | Deep Dive |
| CVE-2025-13469 | Public Knowledge Project omp/ojs Payment Instructions Setting paymentForm.tpl cross site scripting | Public Knowledge Project | omp | Low | 2.4 | 2025-11-20 13:32:11 | Deep Dive |
| CVE-2025-11997 | Document Pro Elementor – Documentation & Knowledge Base <= 1.0.9 - Unauthenticated Information Exposure | ngothoai | Document Pro Elementor – Documentation & Knowledge Base | Medium | 5.3 | 2025-11-11 03:30:40 | Deep Dive |
| CVE-2025-60228 | WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability | designthemes | Knowledge Base | - | - | 2025-10-22 14:32:46 | Deep Dive |
| CVE-2025-49400 | WordPress PressApps Knowledge Base Contextual Sidebar Addon Plugin <= 4.2.1 - PHP Object Injection Vulnerability | osama.esh | PressApps Knowledge Base Contextual Sidebar Addon | Critical | 9.8 | 2025-08-20 08:03:50 | Deep Dive |
| CVE-2025-7499 | BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure | wpdevteam | BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor | Medium | 5.3 | 2025-08-16 07:25:29 | Deep Dive |
| CVE-2025-7431 | Knowledge Base <= 2.3.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Slug | ajay | Knowledge Base | Medium | 4.4 | 2025-07-18 01:44:06 | Deep Dive |
| CVE-2025-52791 | WordPress Knowledge Base – Knowledge Base Maker plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) Vulnerability | devfelixmoira | Knowledge Base – Knowledge Base Maker | High | 7.1 | 2025-06-20 15:03:42 | Deep Dive |
| CVE-2025-5533 | Knowledge Base <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | ajay | Knowledge Base | Medium | 6.4 | 2025-06-06 06:42:48 | Deep Dive |