Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 45 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-27984 WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability Marketing FireWidget Options 中危 -2026-03-05 05:54:04 Deep Dive
CVE-2026-2296 Product Addons for Woocommerce – Product Options with Custom Fields <= 3.1.0 - Authenticated (Shop Manager+) Code Injection via Conditional Logic 'operator' Parameter acowebsProduct Addons for Woocommerce – Product Options with Custom Fields High 7.2 2026-02-18 06:42:43 Deep Dive
CVE-2025-13391 Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.60 - Missing Authorization to Unauthenticated Arbitrary Attachment and Dropbox File Deletion MooMooProduct Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) Medium 5.8 2026-02-11 16:25:10 Deep Dive
CVE-2026-24526 WordPress Email Inquiry & Cart Options for WooCommerce plugin <= 3.4.3 - Cross Site Scripting (XSS) vulnerability Steve TrumanEmail Inquiry &amp; Cart Options for WooCommerce Medium 6.5 2026-01-23 14:28:49 Deep Dive
CVE-2025-68839 WordPress Easy Theme Options plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability Remi CorsonEasy Theme Options--2026-01-22 16:52:09 Deep Dive
CVE-2026-0833 Team Section Block <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Network Link bpluginsTeam Section Block – Showcase Team Members with Layout Options Medium 6.4 2026-01-17 06:42:19 Deep Dive
CVE-2025-14367 Easy Theme Options <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Import corsonrEasy Theme Options Medium 5.3 2025-12-13 04:31:29 Deep Dive
CVE-2025-60248 WordPress WPC Product Options for WooCommerce plugin <= 3.1.3 - Local File Inclusion vulnerability WPCleverWPC Product Options for WooCommerce 中危 -2025-11-06 15:55:21 Deep Dive
CVE-2025-12069 WP Global Screen Options <= 0.2 - Cross-Site Request Forgery to Screen Options Update stiandWP Global Screen Options Medium 4.3 2025-11-04 03:26:47 Deep Dive
CVE-2025-10580 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting marketingfireWidget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets Medium 6.4 2025-10-25 06:49:23 Deep Dive
CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability Tusko TrushAdvanced Custom Fields : CPT Options Pages--2025-10-22 14:32:43 Deep Dive
CVE-2025-10131 All Social Share Options <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting codiblogAll Social Share Options Medium 6.4 2025-09-30 03:35:28 Deep Dive
CVE-2025-10412 Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.55 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file' MooMooProduct Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) Critical 9.8 2025-09-23 09:25:57 Deep Dive
CVE-2025-8902 Widget Options - Extended <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting Marketing Fire, LLCWidget Options - Extended Medium 6.4 2025-09-23 03:34:35 Deep Dive
CVE-2025-28981 WordPress WP Mail Options plugin <= 0.2.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability SoliWP Mail Options High 7.1 2025-06-06 12:54:32 Deep Dive
CVE-2025-25121 WordPress Theme Options Z Plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability shyammakwanaTheme Options Z High 7.1 2025-03-03 13:30:24 Deep Dive
CVE-2025-23813 WordPress Guten Free Options Plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability Tony HayesGuten Free Options High 7.1 2025-03-03 13:30:19 Deep Dive
CVE-2025-23473 WordPress Killer Theme Options plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability Punit BhalodiyaKiller Theme Options High 7.1 2025-03-03 13:30:05 Deep Dive
CVE-2025-27301 WordPress NHR Options Table Manager Plugin <= 1.1.2 - Deserialization of untrusted data vulnerability Nazmul Hasan RobinNHR Options Table Manager High 7.2 2025-02-24 14:48:54 Deep Dive
CVE-2025-23905 WordPress Admin Options Pages plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability Johannes van PoelgeestAdmin Options Pages High 7.1 2025-02-14 12:45:34 Deep Dive