Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 21 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-0552 Simple Shopping Cart <= 5.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpsc_display_product' Shortcode mra13Simple Shopping Cart Medium 6.4 2026-04-04 07:41:59 Deep Dive
CVE-2026-2383 Simple Download Monitor <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field mra13Simple Download Monitor Medium 6.4 2026-02-27 08:24:19 Deep Dive
CVE-2025-8977 Simple Download Monitor <= 3.9.33 - Simple Download Monitor <= 3.9.33 – Authenticated (Contributor+) SQL Injection via order parameter in Log Export functionality mra13Simple Download Monitor Medium 6.5 2025-08-28 04:24:10 Deep Dive
CVE-2025-58197 WordPress Simple Download Monitor Plugin <= 3.9.34 - Cross Site Scripting (XSS) Vulnerability mra13Simple Download Monitor Medium 6.5 2025-08-27 17:45:42 Deep Dive
CVE-2025-3890 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode mra13Simple Shopping Cart Medium 6.4 2025-05-01 11:11:42 Deep Dive
CVE-2025-3889 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference via 'quantity' mra13Simple Shopping Cart Medium 5.3 2025-05-01 11:11:42 Deep Dive
CVE-2025-3874 WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference mra13Simple Shopping Cart Medium 6.5 2025-05-01 11:11:42 Deep Dive
CVE-2025-3530 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Product Price Manipulation mra13Simple Shopping Cart High 7.5 2025-04-23 07:06:50 Deep Dive
CVE-2025-3529 WordPress Simple PayPal Shopping Cart <= 5.1.2 - Unauthenticated Information Exposure via file_url Parameter mra13Simple Shopping Cart High 8.2 2025-04-23 07:06:49 Deep Dive
CVE-2025-24663 WordPress Simple Download Monitor plugin <= 3.9.25 - SQL Injection vulnerability mra13Simple Download Monitor High 7.6 2025-01-24 17:24:44 Deep Dive
CVE-2024-56279 WordPress Compact WP Audio Player plugin <= 1.9.14 - Server Side Request Forgery (SSRF) vulnerability mra13Compact WP Audio Player Medium 6.4 2025-01-07 10:49:23 Deep Dive
CVE-2023-48286 WordPress Accept Stripe Payments plugin <= 2.0.79 - Broken Access Control vulnerability mra13Stripe Payments 高危 -2024-12-09 11:30:31 Deep Dive
CVE-2024-11088 Simple Membership <= 4.5.5 - Exposure of Private Personal Information to an Unauthorized Actor wpinsider-1Simple Membership Medium 5.3 2024-11-21 13:55:33 Deep Dive
CVE-2024-10176 Compact WP Audio Player <= 1.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_embed_player Shortcode mra13Compact WP Audio Player Medium 6.4 2024-10-24 11:03:17 Deep Dive
CVE-2024-4383 Simple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode wpinsider-1Simple Membership Medium 6.4 2024-05-09 20:03:27 Deep Dive
CVE-2024-3730 Simple Membership <= 4.4.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode wpinsider-1Simple Membership Medium 5.4 2024-04-25 11:00:22 Deep Dive
CVE-2024-1985 Simple Membership <= 4.4.2 - Unauthenticated Stored Self-Based Cross-Site Scripting wpinsider-1Simple Membership Medium 4.7 2024-03-13 15:27:04 Deep Dive
CVE-2024-0859 Affiliates Manager <= 2.9.34 - Cross-Site Request Forgery wpinsider-1Affiliates Manager Medium 4.3 2024-02-05 21:21:42 Deep Dive
CVE-2023-6882 Simple Membership <= 4.3.8 - Reflected Cross-Site Scripting Vulnerability via environment_mode wpinsider-1Simple Membership Medium 6.1 2024-01-11 08:32:31 Deep Dive
CVE-2023-4719 Simple Membership <= 4.3.5 - Reflected Cross-Site Scripting wpinsider-1Simple Membership High 7.2 2023-09-06 01:52:45 Deep Dive