| CVE-2026-5758 | Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution | Mafintosh | Protocol-buffers-schema parser | 中危 | - | 2026-04-15 17:20:14 | Deep Dive |
| CVE-2026-25344 | WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability | RadiusTheme | Review Schema | 中危 | - | 2026-03-25 16:14:43 | Deep Dive |
| CVE-2025-10679 | ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Limited Remote Code Execution | reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema | High | 7.3 | 2026-03-23 05:29:39 | Deep Dive |
| CVE-2025-10734 | ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure | reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema | Medium | 5.3 | 2026-03-23 05:29:39 | Deep Dive |
| CVE-2025-10731 | ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export | reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema | Medium | 5.3 | 2026-03-23 05:29:38 | Deep Dive |
| CVE-2025-10736 | ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation | reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema | Medium | 6.5 | 2026-03-23 04:26:48 | Deep Dive |
| CVE-2026-1575 | Schema Shortcode <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | jeric_izon | Schema Shortcode | Medium | 6.4 | 2026-03-21 03:27:01 | Deep Dive |
| CVE-2025-14069 | Schema & Structured Data for WP & AMP <= 1.54 - Authenticated (Contributor+) Stored Cross-Site Scripting via User Custom Schema | magazine3 | Schema & Structured Data for WP & AMP | Medium | 6.4 | 2026-01-23 05:29:51 | Deep Dive |
| CVE-2025-11502 | Schema & Structured Data for WP & AMP <= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting | magazine3 | Schema & Structured Data for WP & AMP | Medium | 6.4 | 2025-11-01 05:40:25 | Deep Dive |
| CVE-2025-12118 | Schema Scalpel <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title in JSON-LD Schema | kevingillispie | Schema Scalpel | Medium | 6.4 | 2025-11-01 04:27:41 | Deep Dive |
| CVE-2025-7825 | Schema Plugin For Divi, Gutenberg & Shortcodes <= 4.3.2 - Authenticated (Contributor+) Object Instantiation | wpt00ls | Schema Plugin For Divi, Gutenberg & Shortcodes | Medium | 6.3 | 2025-10-03 11:17:21 | Deep Dive |
| CVE-2025-9512 | Schema & Structured Data for WP & AMP < 1.50 - Unauthenticated Stored-XSS | Unknown | Schema & Structured Data for WP & AMP | - | - | 2025-10-01 06:00:03 | Deep Dive |
| CVE-2025-4127 | WP SEO Structured Data Schema <= 2.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Settings | kcseopro | WP SEO Structured Data Schema | Medium | 6.4 | 2025-05-08 06:39:51 | Deep Dive |
| CVE-2025-1707 | Review Schema <= 2.2.4 - Authenticated (Contributor+) Local File Inclusion via Post Meta | techlabpro1 | Review Schema – Review & Structure Data Schema Plugin | High | 8.8 | 2025-03-11 21:21:13 | Deep Dive |
| CVE-2024-13589 | YouTube Playlists with Schema <= 2.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | johnnya23 | YouTube Playlists with Schema | Medium | 6.4 | 2025-02-19 07:32:06 | Deep Dive |
| CVE-2024-12176 | WordLift – AI powered SEO – Schema <= 3.54.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update | wordlift | WordLift – AI powered SEO – Schema | Medium | 5.3 | 2025-01-07 04:22:19 | Deep Dive |
| CVE-2024-37452 | WordPress Schema Lite theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability | MyThemeShop | Schema Lite | Medium | 4.3 | 2025-01-02 13:30:05 | Deep Dive |
| CVE-2023-44258 | WordPress Schema App Structured Data plugin <= 1.23.1 - Broken Access Control + CSRF vulnerability | vberkel | Schema App Structured Data | 中危 | - | 2025-01-02 11:59:46 | Deep Dive |
| CVE-2024-11279 | Schema App Structured Data <= 2.2.4 - Reflected Cross-Site Scripting | vberkel | Schema App Structured Data | Medium | 6.1 | 2024-12-12 03:23:06 | Deep Dive |
| CVE-2024-49683 | WordPress Schema & Structured Data for WP & AMP plugin <= 1.3.5 - Sensitive Data Exposure vulnerability | Magazine3 | Schema & Structured Data for WP & AMP | Medium | 5.3 | 2024-10-24 11:37:49 | Deep Dive |