| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39479 | WordPress OttoKit plugin <= 1.1.20 - SQL Injection vulnerability | Brainstorm Force | OttoKit | - | - | 2026-04-08 08:30:10 | Deep Dive |
| CVE-2026-39477 | WordPress CartFlows plugin <= 2.2.3 - Broken Access Control vulnerability | Brainstorm Force | CartFlows | - | - | 2026-04-08 08:30:10 | Deep Dive |
| CVE-2026-34889 | WordPress Ultimate Addons for WPBakery Page Builder plugin < 3.21.4 - Cross Site Scripting (XSS) vulnerability | Brainstorm Force | Ultimate Addons for WPBakery Page Builder | Medium | 6.5 | 2026-04-01 08:51:32 | Deep Dive |
| CVE-2026-32431 | WordPress Astra Bulk Edit plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability | Brainstorm Force | Astra Bulk Edit | 中危 | - | 2026-03-13 11:42:18 | Deep Dive |
| CVE-2026-25316 | WordPress CartFlows plugin <= 2.1.19 - PHP Object Injection vulnerability | Brainstorm Force | CartFlows | - | - | 2026-02-19 08:26:55 | Deep Dive |
| CVE-2026-24982 | WordPress Spectra plugin <= 2.19.17 - Broken Access Control vulnerability | Brainstorm Force | Spectra | - | - | 2026-02-03 14:08:36 | Deep Dive |
| CVE-2026-24962 | WordPress Sigmize plugin <= 0.0.9 - Cross Site Request Forgery (CSRF) vulnerability | Brainstorm Force | Sigmize | - | - | 2026-02-03 14:08:35 | Deep Dive |
| CVE-2025-68497 | WordPress Astra Widgets plugin <= 1.2.16 - Cross Site Scripting (XSS) vulnerability | Brainstorm Force | Astra Widgets | Medium | 5.9 | 2025-12-24 12:31:20 | Deep Dive |
| CVE-2023-23729 | WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Change Vulnerability | Brainstorm Force | Spectra | Medium | 5.4 | 2025-12-09 16:40:38 | Deep Dive |
| CVE-2025-62059 | WordPress SureRank plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability | Brainstorm Force | SureRank | 中危 | - | 2025-11-06 15:55:51 | Deep Dive |
| CVE-2025-11814 | Ultimate Addons for WPBakery Page Builder < 3.21.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | Brainstorm Force | Ultimate Addons for WPBakery | Medium | 6.4 | 2025-10-16 04:27:15 | Deep Dive |
| CVE-2025-48164 | WordPress SureDash <= 1.0.3 - Privilege Escalation Vulnerability | Brainstorm Force | SureDash | High | 8.8 | 2025-08-20 08:03:28 | Deep Dive |
| CVE-2025-54685 | WordPress SureDash Plugin <= 1.1.0 - Sensitive Data Exposure Vulnerability | Brainstorm Force | SureDash | Medium | 6.5 | 2025-08-14 10:34:48 | Deep Dive |
| CVE-2025-27007 | WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability | Brainstorm Force | OttoKit | Critical | 9.8 | 2025-05-01 10:54:56 | Deep Dive |
| CVE-2024-13800 | Popup Plugin For WordPress - ConvertPlus <= 3.5.30 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update | Brainstorm Force | ConvertPlus | High | 8.1 | 2025-02-12 04:22:15 | Deep Dive |
| CVE-2025-24568 | WordPress Starter Templates plugin <= 4.4.9 - Cross Site Request Forgery (CSRF) vulnerability | Brainstorm Force | Starter Templates | Medium | 4.3 | 2025-01-24 17:24:14 | Deep Dive |
| CVE-2024-56274 | WordPress Astra Widgets plugin <= 1.2.15 - Cross Site Scripting (XSS) vulnerability | Brainstorm Force | Astra Widgets | Medium | 6.5 | 2025-01-07 10:49:26 | Deep Dive |
| CVE-2023-23825 | WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability | Brainstorm Force | Spectra | Low | 3.1 | 2024-12-09 11:31:49 | Deep Dive |
| CVE-2023-23834 | WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability | Brainstorm Force | Spectra | Medium | 4.3 | 2024-12-09 11:31:49 | Deep Dive |
| CVE-2024-37517 | WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability | Brainstorm Force | Spectra | Medium | 4.3 | 2024-11-01 14:18:12 | Deep Dive |