Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 26 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-0718 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.5 - Missing Authorization to Limited Post Meta Modification wpxpoPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX Medium 5.3 2026-04-16 07:39:51 Deep Dive
CVE-2026-39700 WordPress WowOptin plugin <= 1.4.32 - Broken Access Control vulnerability WPXPOWowOptin--2026-04-08 08:30:47 Deep Dive
CVE-2026-4302 WowOptin: Next-Gen Popup Maker <= 1.4.29 - Unauthenticated Server-Side Request Forgery via 'link' Parameter in REST API wpxpoWowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation High 7.2 2026-03-21 01:24:38 Deep Dive
CVE-2026-2579 WowStore – Store Builder & Product Blocks for WooCommerce <= 4.4.3 - Unauthenticated SQL Injection via 'search' Parameter wpxpoWowStore – Store Builder & Product Blocks for WooCommerce High 7.5 2026-03-17 01:24:29 Deep Dive
CVE-2026-1720 WowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation <= 1.4.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation wpxpoWowOptin: Next-Gen Popup Maker – Create Stunning Popups and Optins for Lead Generation High 8.8 2026-03-05 13:24:01 Deep Dive
CVE-2026-1273 PostX <= 5.0.8 - Authenticated (Administrator+) Server-Side Request Forgery via REST API Endpoints wpxpoPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX High 7.2 2026-03-04 01:21:59 Deep Dive
CVE-2026-2001 WowRevenue <= 2.1.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation wpxpoWowRevenue – Product Bundles & Bulk Discounts High 8.8 2026-02-16 19:24:03 Deep Dive
CVE-2025-69313 WordPress PostX plugin <= 5.0.3 - Broken Access Control vulnerability WPXPOPostX--2026-01-22 16:52:32 Deep Dive
CVE-2025-68606 WordPress PostX plugin <= 5.0.3 - Sensitive Data Exposure vulnerability WPXPOPostX Medium 5.3 2025-12-24 13:10:49 Deep Dive
CVE-2025-12980 Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX <= 5.0.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure wpxpoPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX High 7.5 2025-12-21 02:20:33 Deep Dive
CVE-2025-55707 WordPress PostX Plugin <= 4.1.35 - Privilege Escalation Vulnerability WPXPOPostX--2025-12-18 07:21:51 Deep Dive
CVE-2025-54751 WordPress PostX plugin <= 4.1.36 - Broken Access Control vulnerability WPXPOPostX--2025-12-18 07:21:50 Deep Dive
CVE-2025-62070 WordPress WowRevenue plugin <= 1.2.13 - Broken Access Control vulnerability WPXPOWowRevenue Medium 4.3 2025-10-22 14:32:54 Deep Dive
CVE-2025-39571 WordPress WowStore plugin <= 4.2.4 - Broken Access Control Vulnerability WPXPOWowStore Medium 4.3 2025-04-16 12:44:30 Deep Dive
CVE-2025-31096 WordPress PostX plugin <= 4.1.25 - Cross Site Scripting (XSS) Vulnerability WPXPOPostX Medium 6.5 2025-03-28 09:39:52 Deep Dive
CVE-2023-45271 WordPress ProductX – Gutenberg WooCommerce Blocks plugin <= 2.7.8 - Broken Access Control vulnerability WPXPOWowStore 中危 -2025-01-02 11:59:51 Deep Dive
CVE-2024-53818 WordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerability WPXPOPostX Medium 6.5 2024-12-09 12:54:57 Deep Dive
CVE-2024-50513 WordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerability WPXPOPostX Medium 5.9 2024-11-19 16:32:18 Deep Dive
CVE-2024-10728 PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/Activation wpxpoPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX High 8.8 2024-11-16 04:29:15 Deep Dive
CVE-2024-50443 WordPress PostX plugin <= 4.1.12 - Cross Site Scripting (XSS) vulnerability WPXPOPostX--2024-10-28 13:07:34 Deep Dive