Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 338 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-5428 Royal Addons for Elementor <= 1.7.1056 - Authenticated (Author+) Stored Cross-Site Scripting via Image Caption Field wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor Medium 6.4 2026-04-24 05:29:39 Deep Dive
CVE-2026-5162 Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via Instagram Feed Widget wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor Medium 6.4 2026-04-17 01:24:37 Deep Dive
CVE-2026-4810 Remote Code Execution in Google Agent Development Kit (ADK) Google CloudAgent Development Kit (ADK) 超危 -2026-04-13 08:35:57 Deep Dive
CVE-2026-40074 SvelteKit's invalidated redirect in handle hook causes Denial-of-Service sveltejskit 中危 -2026-04-10 16:26:07 Deep Dive
CVE-2026-40073 SvelteKit has a BODY_SIZE_LIMIT bypass in @sveltejs/adapter-node sveltejskit 中危 -2026-04-10 16:24:40 Deep Dive
CVE-2026-0664 Royal Elementor Addons <= 1.7.1049 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API Meta Bypass wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor Medium 6.4 2026-04-04 07:41:58 Deep Dive
CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter MediasoftproASP.NET jVideo Kit High 8.2 2026-03-26 11:39:52 Deep Dive
CVE-2026-24362 WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability bdthemesUltimate Post Kit Medium 6.4 2026-03-25 16:14:31 Deep Dive
CVE-2026-28499 LeafKit's HTML escaping may be skipped for Collection values, enabling XSS vaporleaf-kit 中危 -2026-03-18 01:19:36 Deep Dive
CVE-2026-2373 Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor Medium 5.3 2026-03-17 03:36:25 Deep Dive
CVE-2026-1870 Thim Kit for Elementor <= 1.3.7 - Missing Authorization to Unauthenticated Private Course Disclosure thimpressThim Kit for Elementor – Pre-built Templates & Widgets for Elementor Medium 5.3 2026-03-14 13:24:42 Deep Dive
CVE-2025-13067 Royal Addons for Elementor <= 1.7.1049 - Authenticated (Author+) Arbitrary File Upload via main.php Upload Bypass wproyalRoyal Addons for Elementor – Addons and Templates Kit for Elementor High 8.8 2026-03-11 04:25:47 Deep Dive
CVE-2025-1242 Administrative Credentials Can Be Extracted Through Gardyn API Responses GardynHome Kit Critical 9.1 2026-02-25 15:21:48 Deep Dive
CVE-2026-27120 Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster vaporleaf-kit Medium 6.1 2026-02-20 21:27:10 Deep Dive
CVE-2026-27118 Cache poisoning in @sveltejs/adapter-vercel sveltejskit--2026-02-20 21:24:56 Deep Dive
CVE-2026-25416 WordPress News Kit Elementor Addons plugin <= 1.4.2 - Broken Access Control vulnerability blazethemesNews Kit Elementor Addons--2026-02-19 08:27:06 Deep Dive
CVE-2026-24947 WordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerability LA-StudioLA-Studio Element Kit for Elementor--2026-02-03 14:08:34 Deep Dive
CVE-2025-13920 WP Directory Kit <= 1.4.9 - Unauthenticated Email Exposure via wdk_public_action wpdirectorykitWP Directory Kit Medium 5.3 2026-01-24 12:27:16 Deep Dive
CVE-2026-0759 Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulnerability Katana NetworkDevelopment Starter Kit 超危 -2026-01-23 03:28:08 Deep Dive
CVE-2025-9290 Authentication Weakness on Omada Controllers, Gateways and Access Points TP-Link Systems Inc.Omada Software Controller 中危 -2026-01-22 23:14:46 Deep Dive