| CVE-2026-4079 | SQL Chart Builder < 2.3.8 - Unauthenticated SQL Injection | Unknown | SQL Chart Builder | - | - | 2026-04-07 06:00:12 | Deep Dive |
| CVE-2025-12963 | LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart <= 1.2.29 - Missing Authorization to Uanuthenticated Privilege Escalation | lazycoders | LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart | Critical | 9.8 | 2025-12-12 03:20:55 | Deep Dive |
| CVE-2025-8994 | WP Project Manager <= 2.6.26 - Authenticated (Subscriber+) SQL Injection via 'completed_at_operator' | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | Medium | 6.5 | 2025-11-15 05:45:34 | Deep Dive |
| CVE-2025-12753 | Chart Expert <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | sagortouch | Chart Expert | Medium | 6.4 | 2025-11-11 03:30:45 | Deep Dive |
| CVE-2025-11171 | Chartify – WordPress Chart Plugin <= 3.5.9 - Missing Authentication for Administrative Function | ays-pro | Chartify – WordPress Chart Plugin | Medium | 5.3 | 2025-10-08 05:24:49 | Deep Dive |
| CVE-2025-58233 | WordPress SQL Chart Builder Plugin <= 2.3.7.2 - Cross Site Scripting (XSS) Vulnerability | Guaven Labs | SQL Chart Builder | Medium | 6.5 | 2025-09-22 18:23:40 | Deep Dive |
| CVE-2025-8685 | Wp chart generator <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpchart Shortcode | emilien | Wp chart generator | Medium | 6.4 | 2025-08-12 02:24:46 | Deep Dive |
| CVE-2025-6082 | Birth Chart Compatibility <= 2.0 - Unauthenticated Full Path Exposure | mia4 | Birth Chart Compatibility | Medium | 5.3 | 2025-07-22 09:22:43 | Deep Dive |
| CVE-2025-3661 | SB Chart block <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter | bobbingwide | SB Chart block | Medium | 6.4 | 2025-04-19 09:23:03 | Deep Dive |
| CVE-2025-1863 | Insecure default settings for recorder products | Yokogawa Electric Corporation | GX10 / GX20 / GP10 / GP20 Paperless Recorders | Critical | 9.8 | 2025-04-18 05:55:26 | Deep Dive |
| CVE-2025-25077 | WordPress Easy Chart Builder for WordPress plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability | dugbug | Easy Chart Builder for WordPress | Medium | 6.5 | 2025-02-07 10:11:32 | Deep Dive |
| CVE-2024-13349 | Stockdio Historical Chart <= 2.8.18 - Authenticated (Contributor+) Stored Cross-Site Scripting | stockdio | Stockdio Historical Chart | Medium | 6.4 | 2025-01-30 13:42:10 | Deep Dive |
| CVE-2025-23928 | WordPress Google Org Chart plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability | Aleksandar Arsovski | Google Org Chart | Medium | 6.5 | 2025-01-16 20:08:01 | Deep Dive |
| CVE-2024-12428 | WP Data Access – App, Table, Form and Chart Builder plugin <= 5.5.22 - Unauthenticated SQL Injection | peterschulznl | WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards | High | 7.5 | 2024-12-25 04:22:04 | Deep Dive |
| CVE-2024-11430 | SQL Chart Builder <= 2.3.6 - Authenticated (Contributor+) SQL Injection | elvinhaci | SQL Chart Builder | Medium | 6.5 | 2024-12-12 03:23:05 | Deep Dive |
| CVE-2024-11601 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:41 | Deep Dive |
| CVE-2024-11104 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:40 | Deep Dive |
| CVE-2024-9542 | Sky Addons for Elementor <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | Medium | 4.3 | 2024-11-21 11:02:20 | Deep Dive |
| CVE-2024-10571 | Chartify – WordPress Chart Plugin <= 2.9.5 - Unauthenticated Local File Inclusion via source | ays-pro | Chartify – WordPress Chart Plugin | Critical | 9.8 | 2024-11-14 11:00:13 | Deep Dive |
| CVE-2024-7355 | Organization chart <= 1.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title_input and node_description Parameters | wpdevart | Organization chart | Medium | 4.9 | 2024-08-07 12:30:17 | Deep Dive |