Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 48 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2016-20060 Hotspot Shield 6.0.3 Unquoted Service Path Privilege Escalation HotspotshieldHotspot Shield High 7.8 2026-04-04 13:51:04 Deep Dive
CVE-2026-0722 Shield Security <= 21.0.8 - Cross-Site Request Forgery to SQL Injection paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Medium 6.5 2026-02-19 04:36:28 Deep Dive
CVE-2026-0561 Shield Security <= 21.0.8 - Unauthenticated Reflected Cross-Site Scripting via 'message' Parameter paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Medium 6.1 2026-02-19 04:36:24 Deep Dive
CVE-2025-14427 Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches <= 21.0.9 - Missing Authorization to Authenticated (Subscriber+) Email MFA Update paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Medium 4.3 2026-02-19 04:36:19 Deep Dive
CVE-2022-41650 WordPress Custom Content by Country plugin <= 3.1.2 - Broken Access Control vulnerability PaulCustom Content by Country (by Shield Security) Medium 6.5 2026-02-17 14:56:34 Deep Dive
CVE-2025-15370 Shield Security <= 21.0.9 - Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Medium 4.3 2026-01-16 04:44:35 Deep Dive
CVE-2025-40710 Host Header Injection (HHI) in the Hotspot Shield VPN client Hotspot ShieldHotspot Shield VPN client--2025-06-30 10:37:05 Deep Dive
CVE-2025-5926 Link Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting jcontiLink Shield Medium 6.1 2025-06-13 01:47:48 Deep Dive
CVE-2025-32503 WordPress Link Shield plugin <= 0.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability Jose ContiLink Shield High 7.1 2025-04-09 16:09:42 Deep Dive
CVE-2024-7824 Type-confusion vulnerability that can cause the WRSA.exe service to crash and generate a crash dump WebrootSecureAnywhere - Web Shield 中危 -2024-10-03 17:05:38 Deep Dive
CVE-2024-7825 Type confusion that can cause the WRSA.exe service to crash and generate a crash dump WebrootSecureAnywhere - Web Shield 中危 -2024-10-03 17:05:36 Deep Dive
CVE-2024-7826 Unhandled exception vulnerability that can cause the WRSA.exe service to crash and generate a crash dump WebrootSecureAnywhere - Web Shield 中危 -2024-10-03 17:05:33 Deep Dive
CVE-2024-7313 Shield Security < 20.0.6 - Reflected XSS UnknownShield Security--2024-08-26 06:00:03 Deep Dive
CVE-2024-4344 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Medium 4.3 2024-06-02 04:30:31 Deep Dive
CVE-2024-30250 In Astro-Shield, setting a correct `integrity` attribute to injected code allows to bypass the allow-lists kindspellsastro-shield High 7.5 2024-04-04 14:57:52 Deep Dive
CVE-2024-29896 Astro-Shield's Content-Security-Policy header generation in middleware could be compromised by malicious injections KindSpellsastro-shield High 7.5 2024-03-28 12:48:53 Deep Dive
CVE-2023-6989 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 18.5.9 - Unauthenticated Local File Inclusion paultgoodchildShield: Blocks Bots, Protects Users, and Prevents Security Breaches Critical 9.8 2024-02-05 21:21:31 Deep Dive
CVE-2024-22163 WordPress Shield Security Plugin <= 18.5.7 is vulnerable to Cross Site Scripting (XSS) Shield SecurityShield Security – Smart Bot Blocking & Intrusion Prevention Security High 7.1 2024-01-31 17:57:37 Deep Dive
CVE-2023-48707 Cleartext Storage of Sensitive Information in codeigniter4/shield codeigniter4shield Medium 5.0 2023-11-24 17:23:35 Deep Dive
CVE-2023-48708 Insertion of Sensitive Information into Log in codeigniter4/shield codeigniter4shield Medium 5.0 2023-11-24 17:16:16 Deep Dive