| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-6443 | Essentialplugin Plugins (Various Versions) - Injected Backdoor | essentialplugin | Accordion and Accordion Slider | Critical | 9.8 | 2026-04-17 06:44:49 | Deep Dive |
| CVE-2026-3142 | Pinterest Site Verification plugin using Meta Tag <= 1.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'post_var' | uniquecodergmailcom | Pinterest Site Verification plugin using Meta Tag | Medium | 6.4 | 2026-04-08 06:43:40 | Deep Dive |
| CVE-2025-14675 | Meta Box <= 5.11.1 - Authenticated (Contributor+) Arbitrary File Deletion | metabox | Meta Box | High | 7.2 | 2026-03-07 07:22:03 | Deep Dive |
| CVE-2026-2498 | WP Social Meta <= 1.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Settings | bulktheme | WP Social Meta | Medium | 4.4 | 2026-02-26 01:24:15 | Deep Dive |
| CVE-2026-23864 | Meta React Server Components 安全漏洞 | Meta | react-server-dom-webpack | - | - | 2026-01-26 19:16:38 | Deep Dive |
| CVE-2026-1302 | Meta-box GalleryMeta <= 3.0.1 - Authenticated (Editor+) Stored Cross-Site Scripting via Image Caption | shahinurislam | Meta-box GalleryMeta | Medium | 4.4 | 2026-01-24 08:26:35 | Deep Dive |
| CVE-2026-0687 | Meta-box GalleryMeta <= 3.0.1 - Missing Authorization to Authenticated (Author+) Gallery Management | shahinurislam | Meta-box GalleryMeta | Medium | 4.3 | 2026-01-24 08:26:35 | Deep Dive |
| CVE-2026-0608 | Head Meta Data <= 20251118 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta | specialk | Head Meta Data | Medium | 6.4 | 2026-01-20 14:26:33 | Deep Dive |
| CVE-2025-14888 | Simple User Meta Editor <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via User Meta Value Field | anjan011 | Simple User Meta Editor | Medium | 4.4 | 2026-01-07 06:36:01 | Deep Dive |
| CVE-2025-67779 | Meta React Server Components 安全漏洞 | Meta | react-server-dom-parcel | High | 7.5 | 2025-12-11 23:36:21 | Deep Dive |
| CVE-2025-55184 | Meta React Server Components 安全漏洞 | Meta | react-server-dom-webpack | High | 7.5 | 2025-12-11 20:05:01 | Deep Dive |
| CVE-2025-55183 | Meta React Server Components 安全漏洞 | Meta | react-server-dom-webpack | Medium | 5.3 | 2025-12-11 20:04:49 | Deep Dive |
| CVE-2025-55182 | Meta React Server Components 安全漏洞 | Meta | react-server-dom-webpack | Critical | 10.0 | 2025-12-03 15:40:57 | Deep Dive |
| CVE-2025-66081 | WordPress Head Meta Data plugin <= 20250327 - Cross Site Scripting (XSS) vulnerability | Jeff Starr | Head Meta Data | Medium | 5.9 | 2025-11-21 12:29:57 | Deep Dive |
| CVE-2025-12088 | Meta Display Block <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | bhargavbhandari90 | Meta Display Block | Medium | 6.4 | 2025-11-18 09:27:39 | Deep Dive |
| CVE-2025-62928 | WordPress SEO Meta Description Updater plugin <= 1.2.0 - Broken Access Control vulnerability | Joby Joseph | SEO Meta Description Updater | Medium | 4.3 | 2025-10-27 01:34:00 | Deep Dive |
| CVE-2025-5983 | Meta Tag Manager < 3.3 - Contributor+ Open Redirect | Unknown | Meta Tag Manager | - | - | 2025-10-22 06:00:06 | Deep Dive |
| CVE-2025-60142 | WordPress Simple Meta Tags Plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability | DaganLev | Simple Meta Tags | Medium | 6.5 | 2025-09-26 08:31:48 | Deep Dive |
| CVE-2025-55178 | Llama Stack 安全漏洞 | Meta Platforms, Inc | Llama Stack | - | - | 2025-09-24 18:31:28 | Deep Dive |
| CVE-2025-9693 | User Meta – User Profile Builder and User management plugin <= 3.1.2 - Authenticated (Subscriber+) Arbitrary File Deletion | khaledsaikat | User Meta – User Profile Builder and User management plugin | High | 8.0 | 2025-09-11 07:25:00 | Deep Dive |