| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-3533 | JupiterX Core <= 4.14.1 - Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import | artbees | Jupiter X Core | High | 8.8 | 2026-03-23 23:25:49 | Deep Dive |
| CVE-2025-50004 | WordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerability | artbees | JupiterX Core | High | 8.8 | 2026-01-22 16:51:44 | Deep Dive |
| CVE-2025-58264 | WordPress JupiterX Core Plugin <= 4.11.0 - Cross Site Scripting (XSS) Vulnerability | artbees | JupiterX Core | Medium | 6.5 | 2025-09-22 18:23:19 | Deep Dive |
| CVE-2025-3888 | Jupiterx Core <= 4.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Inline SVG | artbees | Jupiter X Core | Medium | 6.4 | 2025-05-17 11:17:17 | Deep Dive |
| CVE-2025-47475 | WordPress JupiterX Core plugin <= 4.8.11 - Cross Site Scripting (XSS) Vulnerability | artbees | JupiterX Core | Medium | 6.5 | 2025-05-07 14:19:46 | Deep Dive |
| CVE-2025-2105 | Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR | artbees | Jupiter X Core | High | 8.1 | 2025-04-26 05:34:22 | Deep Dive |
| CVE-2025-0365 | Jupiterx Core <= 4.8.7 - Authenticated (Contributor+) Arbitrary File Read | artbees | Jupiter X Core | Medium | 6.5 | 2025-02-01 05:30:38 | Deep Dive |
| CVE-2025-0366 | Jupiter X Core <= 4.8.7 - Authenticated (Contributor+) SVG Upload to Local File Inclusion (Remote Code Execution) | artbees | Jupiter X Core | High | 8.8 | 2025-02-01 05:30:37 | Deep Dive |
| CVE-2024-12316 | Jupiter X Core <= 4.8.5 - Missing Authorization to Unauthenticated Popup Template Export | artbees | Jupiter X Core | Medium | 5.3 | 2025-01-07 11:11:11 | Deep Dive |
| CVE-2024-12033 | Jupiter X Core <= 4.8.5 - Missing Authorization to Authenticated Library Sync | artbees | Jupiter X Core | Medium | 4.3 | 2025-01-07 11:11:11 | Deep Dive |
| CVE-2023-38385 | WordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerability | artbees | JupiterX Core | High | 8.3 | 2024-12-13 14:23:54 | Deep Dive |
| CVE-2024-7781 | Jupiter X Core <= 4.7.5 - Limited Unauthenticated Authentication Bypass to Account Takeover | artbees | Jupiter X Core | High | 8.1 | 2024-09-26 04:30:00 | Deep Dive |
| CVE-2024-7772 | Jupiter X Core <= 4.6.5 - Unauthenticated Arbitrary File Upload | artbees | Jupiter X Core | Critical | 9.8 | 2024-09-26 04:29:59 | Deep Dive |
| CVE-2023-38389 | WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability | Artbees | JupiterX Core | Critical | 9.8 | 2024-06-21 15:58:28 | Deep Dive |
| CVE-2023-38394 | WordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerability | Artbees | JupiterX Core | Medium | 5.4 | 2024-06-19 14:14:18 | Deep Dive |
| CVE-2024-4608 | SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | artbees | SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster | Medium | 6.4 | 2024-06-06 03:32:53 | Deep Dive |
| CVE-2024-30509 | WordPress SellKit plugin <= 1.8.1 - Arbitrary File Download vulnerability | Artbees | SellKit | Medium | 6.5 | 2024-05-17 08:51:58 | Deep Dive |
| CVE-2023-32110 | WordPress JupiterX theme <= 3.0.0 - Auth. Local File Inclusion vulnerability | artbees | JupiterX | High | 7.6 | 2024-05-17 06:42:17 | Deep Dive |
| CVE-2023-38388 | WordPress Jupiter X Core plugin <= 3.3.5 - Unauth. Arbitrary File Upload vulnerability | Artbees | JupiterX Core | Critical | 9.0 | 2024-03-26 20:39:52 | Deep Dive |
| CVE-2023-3813 | Jupiter X Core <= 4.6.6 - Unauthenticated Arbitrary File Download | artbees | Jupiter X Core | High | 7.5 | 2023-07-21 02:04:27 | Deep Dive |