| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-10575 | WP jQuery Pager <= 1.4.0 - Authenticated (Contributor+) SQL Injection via Shortcode | ivycat | WP jQuery Pager | Medium | 6.5 | 2025-10-15 08:25:53 | Deep Dive |
| CVE-2025-3650 | jQuery Colorbox <= 4.6.3 - Contributor+ Stored XSS | Unknown | jQuery Colorbox | 中危 | - | 2025-09-12 06:00:04 | Deep Dive |
| CVE-2025-6725 | Cross-Site Scripting (XSS) in PdfViewer | Progress Software | Kendo UI for jQuery | Medium | 5.4 | 2025-07-02 14:39:15 | Deep Dive |
| CVE-2025-47605 | WordPress WP jQuery DataTable plugin <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability | AppJetty | WP jQuery DataTable | Medium | 5.9 | 2025-05-07 14:20:28 | Deep Dive |
| CVE-2025-46514 | WordPress Milat jQuery Automatic Popup plugin <= 1.3.1 - CSRF to Stored XSS vulnerability | milat | Milat jQuery Automatic Popup | High | 7.1 | 2025-04-24 16:08:56 | Deep Dive |
| CVE-2025-3573 | jquery-validation 安全漏洞 | - | jquery-validation | Medium | 6.1 | 2025-04-15 05:00:09 | Deep Dive |
| CVE-2025-30560 | WordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerability | Sana Ullah | jQuery Dropdown Menu | High | 7.1 | 2025-03-24 13:47:00 | Deep Dive |
| CVE-2025-28861 | WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability | bhzad | WP jQuery Persian Datepicker | High | 7.1 | 2025-03-11 21:00:33 | Deep Dive |
| CVE-2024-5667 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library | cipherdevgroup | WP Featherlight – A Simple jQuery Lightbox | Medium | 6.4 | 2025-03-05 09:21:46 | Deep Dive |
| CVE-2025-22798 | WordPress Responsive jQuery Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability | CHR Designer | Responsive jQuery Slider | Medium | 6.5 | 2025-01-15 15:23:05 | Deep Dive |
| CVE-2025-22546 | WordPress jQuery TwentyTwenty plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Obaid Hossain | jQuery TwentyTwenty | Medium | 6.5 | 2025-01-07 14:57:21 | Deep Dive |
| CVE-2024-56287 | WordPress WP jQuery DataTable Plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability | AppJetty | WP jQuery DataTable | Medium | 6.5 | 2025-01-07 10:49:17 | Deep Dive |
| CVE-2024-12499 | WP jQuery DataTable <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | biztechc | WP jQuery DataTable | Medium | 6.4 | 2025-01-07 06:40:58 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-37247 | WordPress jQuery T(-) Countdown Widget plugin <= 2.3.25 - Cross Site Scripting (XSS) vulnerability | twinpictures, baden03 | jQuery T(-) Countdown Widget | Medium | 6.5 | 2024-06-26 21:16:59 | Deep Dive |
| CVE-2024-5425 | WP jQuery Lightbox <= 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Attribute | firelightwp | LightPress Lightbox | Medium | 6.4 | 2024-06-07 03:21:57 | Deep Dive |
| CVE-2024-4783 | jQuery T(-) Countdown Widget <= 2.3.25 - Authenticated (Contributor+) Stored Cross-Site Scripting via tminus Shortcode | baden03 | jQuery T(-) Countdown Widget | Medium | 6.4 | 2024-05-23 01:56:19 | Deep Dive |
| CVE-2024-24850 | WordPress Quicksand Post Filter jQuery plugin <= 3.1.1 - Broken Access Control vulnerability | Mark Stockton | Quicksand Post Filter jQuery Plugin | Medium | 5.3 | 2024-03-21 17:49:24 | Deep Dive |
| CVE-2024-24849 | WordPress Quicksand Post Filter jQuery Plugin Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF) | Mark Stockton | Quicksand Post Filter jQuery Plugin | Medium | 4.3 | 2024-02-21 07:04:20 | Deep Dive |
| CVE-2023-5432 | Jquery news ticker <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | gopiplushotmailcom | Jquery news ticker | Medium | 6.4 | 2023-12-19 03:30:31 | Deep Dive |