Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 182 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-5217 Optimole <= 4.2.2 - Unauthenticated Stored Cross-Site Scripting via Srcset Descriptor Parameter optimoleOptimole – Optimize Images in Real Time High 7.2 2026-04-11 01:24:59 Deep Dive
CVE-2026-5226 Optimole <= 4.2.3 - Reflected Cross-Site Scripting via Page Profiler URL optimoleOptimole – Optimize Images in Real Time Medium 6.1 2026-04-11 01:24:58 Deep Dive
CVE-2026-4303 WP Visitor Statistics (Real Time Traffic) <= 8.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'height' Shortcode Attribute osamaeshWP Visitor Statistics (Real Time Traffic) Medium 6.4 2026-04-08 09:25:49 Deep Dive
CVE-2026-2936 Visitor Traffic Real Time Statistics <= 8.4 - Unauthenticated Stored Cross-Site Scripting wp-buyVisitor Traffic Real Time Statistics High 7.2 2026-04-04 11:16:17 Deep Dive
CVE-2025-9497 Hardcoded Upgrade Decryption Passwords MicrochipTime Provider 4100 中危 -2026-03-28 10:58:30 Deep Dive
CVE-2026-3427 Yoast SEO <= 27.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute yoastYoast SEO – Advanced SEO with real-time guidance and built-in AI Medium 6.4 2026-03-22 03:26:35 Deep Dive
CVE-2026-32432 WordPress WP Time Slots Booking Form plugin <= 1.2.42 - Broken Access Control vulnerability codepeopleWP Time Slots Booking Form 中危 -2026-03-13 11:42:18 Deep Dive
CVE-2026-32362 WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.1.3 - Broken Access Control vulnerability activity-log.comWP Sessions Time Monitoring Full Automatic 中危 -2026-03-13 11:42:05 Deep Dive
CVE-2025-47904 Unsigned upgrade package MicrochipTime Provider 4100--2026-02-24 15:34:21 Deep Dive
CVE-2025-13048 Official StatCounter Plugin <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nickname statcounterStatCounter – Free Real Time Visitor Stats Medium 6.4 2026-02-19 03:25:19 Deep Dive
CVE-2025-59920 SQL injection in time@work from systems@work systems at worktime at work--2026-02-18 13:41:02 Deep Dive
CVE-2026-25727 time affected by a stack exhaustion denial of service attack time-rstime--2026-02-06 19:20:56 Deep Dive
CVE-2026-1293 Yoast SEO <= 26.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'yoast-schema' Block Attribute yoastYoast SEO – Advanced SEO with real-time guidance and built-in AI Medium 6.4 2026-02-06 11:21:31 Deep Dive
CVE-2020-37059 Popcorn Time 6.2 - 'Update service' Unquoted Service Path GetpopcorntimePopcorn Time High 7.8 2026-01-30 16:16:41 Deep Dive
CVE-2025-13982 Login Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120 DrupalLogin Time Restriction--2026-01-28 20:01:53 Deep Dive
CVE-2025-62146 WordPress MX Time Zone Clocks plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability Maksym MarkoMX Time Zone Clocks Medium 6.5 2025-12-31 08:47:52 Deep Dive
CVE-2025-68569 WordPress WP Time Slots Booking Form plugin <= 1.2.39 - Broken Access Control vulnerability codepeopleWP Time Slots Booking Form Medium 6.5 2025-12-24 13:10:37 Deep Dive
CVE-2025-67983 WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 8.3 - Cross Site Scripting (XSS) vulnerability osama.eshWP Visitor Statistics (Real Time Traffic)--2025-12-16 08:12:59 Deep Dive
CVE-2025-14230 code-projects Daily Time Recording System add_payroll.php sql injection code-projectsDaily Time Recording System Medium 6.3 2025-12-08 11:32:07 Deep Dive
CVE-2025-10055 Time Sheets <= 2.1.3 - Cross-Site Request Forgery mrdennyTime Sheets Medium 4.3 2025-12-05 05:31:25 Deep Dive