| CVE-2026-25435 | WordPress Booking calendar, Appointment Booking System plugin <= 3.2.36 - Cross Site Scripting (XSS) vulnerability | wpdevart | Booking calendar, Appointment Booking System | High | 7.1 | 2026-03-25 16:14:49 | Deep Dive |
| CVE-2025-14555 | Countdown Timer - Widget Countdown <= 2.7.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevart | Countdown Timer – Widget Countdown | Medium | 6.4 | 2026-01-10 12:23:17 | Deep Dive |
| CVE-2025-67574 | WordPress Booking calendar, Appointment Booking System plugin <= 3.2.30 - Broken Access Control vulnerability | wpdevart | Booking calendar, Appointment Booking System | Medium | 5.3 | 2025-12-09 14:14:14 | Deep Dive |
| CVE-2025-62886 | WordPress Pricing Table builder plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerability | wpdevart | Pricing Table builder | High | 7.1 | 2025-10-27 01:33:45 | Deep Dive |
| CVE-2025-2537 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library | wpdevart | YouTube Embed, Playlist and Popup by WpDevArt | Medium | 6.4 | 2025-07-03 12:23:09 | Deep Dive |
| CVE-2025-47443 | WordPress Widget Countdown plugin <= 2.7.4 - Cross Site Scripting (XSS) Vulnerability | wpdevart | Widget Countdown | Medium | 6.5 | 2025-05-07 14:19:33 | Deep Dive |
| CVE-2025-24719 | WordPress Widget Countdown plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability | wpdevart | Widget Countdown | Medium | 6.5 | 2025-01-24 17:25:12 | Deep Dive |
| CVE-2024-12077 | Booking Calendar and Booking Calendar Pro <= Multiple Versions - Reflected Cross-Site Scripting via 'calendar_id' | wpdevart | Booking calendar, Appointment Booking System | Medium | 6.1 | 2025-01-07 07:22:34 | Deep Dive |
| CVE-2023-45631 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability | wpdevart | Responsive Image Gallery, Gallery Album | Medium | 4.3 | 2025-01-02 11:59:52 | Deep Dive |
| CVE-2024-10856 | Booking Calendar WpDevArt <= 3.2.19 - Authenticated (Contributor+) SQL Injection | wpdevart | Booking calendar, Appointment Booking System | Medium | 6.5 | 2024-12-24 11:09:51 | Deep Dive |
| CVE-2023-24407 | WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Broken Access Control vulnerability | wpdevart | Booking calendar, Appointment Booking System | Medium | 5.0 | 2024-12-09 11:31:40 | Deep Dive |
| CVE-2024-9504 | Booking calendar, Appointment Booking System <= 3.2.15 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload | wpdevart | Booking calendar, Appointment Booking System | High | 7.2 | 2024-11-26 07:31:31 | Deep Dive |
| CVE-2024-7355 | Organization chart <= 1.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via title_input and node_description Parameters | wpdevart | Organization chart | Medium | 4.9 | 2024-08-07 12:30:17 | Deep Dive |
| CVE-2024-37542 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability | WpDevArt | Responsive Image Gallery, Gallery Album | Medium | 5.4 | 2024-07-06 12:40:29 | Deep Dive |
| CVE-2024-35747 | WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability | wpdevart | Contact Form Builder, Contact Widget | Medium | 5.3 | 2024-06-10 16:37:17 | Deep Dive |
| CVE-2024-35750 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability | wpdevart | Responsive Image Gallery, Gallery Album | High | 8.5 | 2024-06-08 12:37:31 | Deep Dive |
| CVE-2023-49741 | WordPress Coming soon and Maintenance mode plugin <= 3.7.3 - IP Filtering Bypass vulnerability | wpdevart | Coming soon and Maintenance mode | Low | 3.7 | 2024-06-04 11:05:11 | Deep Dive |
| CVE-2023-24373 | WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Bypass vulnerability | WpDevArt | Booking calendar, Appointment Booking System | Low | 3.7 | 2024-06-03 21:35:58 | Deep Dive |
| CVE-2024-30550 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability | wpdevart | Responsive Image Gallery, Gallery Album | High | 7.1 | 2024-03-31 19:57:44 | Deep Dive |
| CVE-2024-31120 | WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability | wpdevart | Responsive Image Gallery, Gallery Album | Medium | 6.5 | 2024-03-31 18:48:31 | Deep Dive |