Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 37 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-39509 WordPress Directorist plugin <= 8.5.10 - Broken Access Control vulnerability wpWaxDirectorist--2026-04-08 08:30:14 Deep Dive
CVE-2026-22460 WordPress FormGent plugin <= 1.7.0 - Arbitrary File Deletion vulnerability wpWaxFormGent High 8.6 2026-03-05 05:53:46 Deep Dive
CVE-2025-68069 WordPress Directorist plugin <= 8.6.6 - Broken Access Control vulnerability wpWaxDirectorist High 7.1 2026-02-20 15:46:38 Deep Dive
CVE-2025-64250 WordPress Directorist plugin <= 8.6.6 - Open Redirection vulnerability wpWaxDirectorist Medium 4.7 2025-12-16 08:12:50 Deep Dive
CVE-2025-66077 WordPress Legal Pages plugin <= 1.4.6 - Broken Access Control vulnerability wpWaxLegal Pages Medium 5.3 2025-11-21 12:29:57 Deep Dive
CVE-2025-12174 Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.5.2 - Missing Authorization to Authenticated (Subscriber+) Data Export and Slug Update wpwaxDirectorist: AI-Powered Business Directory, Listings & Classified Ads Medium 6.5 2025-11-19 05:45:14 Deep Dive
CVE-2025-10488 Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.4.8 - Authenticated (Subscriber+) Arbitrary File Move wpwaxDirectorist: AI-Powered Business Directory, Listings & Classified Ads High 8.1 2025-10-25 06:49:21 Deep Dive
CVE-2025-48242 WordPress Legal Pages plugin <= 1.4.5 - Broken Access Control Vulnerability wpWaxLegal Pages Medium 6.5 2025-05-19 14:44:54 Deep Dive
CVE-2025-32658 WordPress HelpGent plugin <= 2.2.5 - PHP Object Injection vulnerability wpWaxHelpGent Critical 9.8 2025-04-17 15:47:03 Deep Dive
CVE-2025-39525 WordPress Logo Carousel Slider plugin <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability wpWaxLogo Carousel Slider Medium 6.5 2025-04-16 12:45:48 Deep Dive
CVE-2025-32499 WordPress Logo Showcase Ultimate plugin <= 1.4.4 - Local File Inclusion vulnerability wpWaxLogo Showcase Ultimate Medium 6.5 2025-04-09 16:09:45 Deep Dive
CVE-2025-31857 WordPress Directorist AddonsKit for Elementor plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability wpWaxDirectorist AddonsKit for Elementor Medium 6.5 2025-04-01 14:52:04 Deep Dive
CVE-2025-2224 Directorist <= 8.2 - Missing Authorization to Unauthenticated Arbitrary Post Publishing wpwaxDirectorist: AI-Powered Business Directory, Listings & Classified Ads Medium 5.3 2025-03-25 05:22:48 Deep Dive
CVE-2025-1570 Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.1 - Privilege Escalation and Account Takeover via Weak OTP wpwaxDirectorist: AI-Powered Business Directory, Listings & Classified Ads High 8.1 2025-02-28 08:23:18 Deep Dive
CVE-2024-12041 Directorist – AI-Powered WordPress Business Directory Plugin with Classified Ads Listings <= 8.0.12 - Unauthenticated User Information Exposure wpwaxDirectorist: AI-Powered Business Directory, Listings & Classified Ads Medium 5.3 2025-02-01 05:30:37 Deep Dive
CVE-2025-24782 WordPress Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin <= 1.6.10 - Local File Inclusion vulnerability wpWaxPost Grid, Slider & Carousel Ultimate Medium 6.5 2025-01-27 14:22:20 Deep Dive
CVE-2025-24681 WordPress Product Carousel Slider & Grid Ultimate for WooCommerce Plugin <= 1.10.0 - Cross Site Scripting (XSS) vulnerability wpWaxProduct Carousel Slider & Grid Ultimate for WooCommerce Medium 5.9 2025-01-24 17:24:54 Deep Dive
CVE-2024-13408 Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion wpwaxPost Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget High 7.5 2025-01-24 11:07:33 Deep Dive
CVE-2024-13409 Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion via post_type_ajax_handler() wpwaxPost Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget High 7.5 2025-01-24 11:07:31 Deep Dive
CVE-2023-35052 WordPress Directorist plugin <= 7.5.4 - Arbitrary Content Deletion vulnerability wpWaxDirectorist Medium 4.3 2024-12-13 14:23:40 Deep Dive