Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 587 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-0894 Content Blocks (Custom Post Widget) <= 3.3.9 - Authenticated (Author+) Stored Cross-Site Scripting via content_block Shortcode vanderwijkContent Blocks (Custom Post Widget) Medium 6.4 2026-04-18 09:26:52 Deep Dive
CVE-2026-6443 Essentialplugin Plugins (Various Versions) - Injected Backdoor essentialpluginAccordion and Accordion Slider Critical 9.8 2026-04-17 06:44:49 Deep Dive
CVE-2026-4949 ProfilePress <= 4.16.12 - Missing Authorization to Authenticated (Subscriber+) Inactive Membership Plan Subscription properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 4.3 2026-04-15 22:26:06 Deep Dive
CVE-2026-5756 Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services (COS) Data Recognition CorporationCentral Office Services - Content Hosting Component 中危 -2026-04-14 17:51:54 Deep Dive
CVE-2026-34261 Missing Authorization check in SAP Business Analytics and SAP Content Management SAP_SESAP Business Analytics and SAP Content Management Medium 6.5 2026-04-14 00:08:51 Deep Dive
CVE-2026-6203 User Registration & Membership <= 5.1.4 - Unauthenticated Open Redirect via 'redirect_to_on_logout' Parameter wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.1 2026-04-13 22:25:54 Deep Dive
CVE-2026-6184 code-projects Simple Content Management System welcome.php cross site scripting code-projectsSimple Content Management System Low 2.4 2026-04-13 15:00:21 Deep Dive
CVE-2026-6183 code-projects Simple Content Management System index.php sql injection code-projectsSimple Content Management System High 7.3 2026-04-13 14:45:12 Deep Dive
CVE-2026-6182 code-projects Simple Content Management System login.php sql injection code-projectsSimple Content Management System High 7.3 2026-04-13 14:30:15 Deep Dive
CVE-2026-1865 User Registration & Membership <= 5.1.2 - Authenticated (Subscriber+) SQL Injection via membership_ids[] wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.5 2026-04-08 11:16:57 Deep Dive
CVE-2026-39639 WordPress RPS Include Content plugin <= 1.2.2 - Broken Access Control vulnerability redpixelstudiosRPS Include Content--2026-04-08 08:30:32 Deep Dive
CVE-2026-39521 WordPress Nelio Content plugin <= 4.3.1 - Server Side Request Forgery (SSRF) vulnerability Nelio SoftwareNelio Content--2026-04-08 08:30:16 Deep Dive
CVE-2026-35213 Regular Expression Denial of Service (ReDoS) in @hapi/content HTTP header parsing hapijscontent--2026-04-06 20:08:55 Deep Dive
CVE-2026-3309 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Unauthenticated Arbitrary Shortcode Execution via Checkout Billing Fields properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 6.5 2026-04-04 11:16:15 Deep Dive
CVE-2026-3445 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.11 - Missing Authorization to Authenticated (Subscriber+) Membership Payment Bypass properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.1 2026-04-04 08:25:20 Deep Dive
CVE-2025-15064 Ultimate Member <= 2.11.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via DOM Gadgets ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 6.4 2026-04-04 07:41:57 Deep Dive
CVE-2026-3571 Pie Register – User Registration, Profiles & Content Restriction <= 3.8.4.8 - Missing Authorization to Unauthenticated Registration Form Status Modification genetechproductsPie Register – User Registration, Profiles & Content Restriction Medium 6.5 2026-04-04 01:24:06 Deep Dive
CVE-2026-5333 DefaultFuction Content-Management-System tools.php command injection DefaultFuctionContent-Management-System High 7.3 2026-04-02 13:30:15 Deep Dive
CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability IBMContent Navigator Medium 5.4 2026-04-02 00:14:31 Deep Dive
CVE-2026-4248 Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 8.0 2026-03-27 22:26:23 Deep Dive