| CVE-2024-6553 | WP Meteor Website Speed Optimization Addon <= 3.4.3 - Unauthenticated Full Path Disclosure | aguidrevitch | WP Meteor Website Speed Optimization Addon | Medium | 5.3 | 2024-07-24 06:42:22 | Deep Dive |
| CVE-2024-2430 | Website Content in Page or Post < 2024.04.09 - Contributor+ Stored Cross-Site Scripting | Unknown | Website Content in Page or Post | 中危 | - | 2024-07-12 06:00:05 | Deep Dive |
| CVE-2024-37437 | WordPress Elementor Website Builder plugin <= 3.22.1 - Arbitrary SVG File Download vulnerability | Elementor | Elementor Website Builder | Medium | 5.5 | 2024-07-09 10:38:55 | Deep Dive |
| CVE-2024-5451 | The7 — Website and eCommerce Builder for WordPress <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute | Dream-Theme | The7 — Website and eCommerce Builder for WordPress | Medium | 6.4 | 2024-06-25 13:53:22 | Deep Dive |
| CVE-2024-5541 | Ibtana - WordPress Website Builder <= 1.2.3.3 - Unauthenticated reCAPTCHA Settings Update | vowelweb | Ibtana – WordPress Website Builder | Medium | 5.3 | 2024-06-18 02:37:13 | Deep Dive |
| CVE-2023-48273 | WordPress Preloader for Website plugin <= 1.2.2 - Unauthenticated Broken Access Control vulnerability | WP OnlineSupport, Essential Plugin | Preloader for Website | Medium | 5.3 | 2024-06-11 16:29:14 | Deep Dive |
| CVE-2023-33922 | WordPress Elementor plugin <= 3.13.2 - Broken Access Control vulnerability | Elementor | Elementor Website Builder | Medium | 4.3 | 2024-06-11 09:17:29 | Deep Dive |
| CVE-2024-5599 | FileOrganizer <= 1.0.7 - Sensitive Information Exposure via Directory Listing | softaculous | FileOrganizer – WordPress File Manager | High | 7.5 | 2024-06-07 12:33:44 | Deep Dive |
| CVE-2024-35653 | WordPress Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin <= 45.8.0 - Cross Site Scripting (XSS) vulnerability | Visual Composer | Visual Composer Website Builder | Medium | 6.5 | 2024-06-04 14:11:23 | Deep Dive |
| CVE-2024-2793 | Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.30 - Unauthenticated Stored Cross-Site Scripting | wpfeedback | Atarim – Visual Feedback, Review & AI Collaboration | High | 7.2 | 2024-05-31 04:31:43 | Deep Dive |
| CVE-2024-2038 | Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.22.6 - Hardcoded Credentials | wpfeedback | Atarim – Visual Feedback, Review & AI Collaboration | High | 7.5 | 2024-05-23 06:46:03 | Deep Dive |
| CVE-2024-4619 | Elementor Website Builder – More than Just a Page Builder <= 3.21.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2024-05-21 11:02:29 | Deep Dive |
| CVE-2024-24934 | WordPress Elementor plugin <= 3.19.0 - Arbitrary File Deletion and Phar Deserialization vulnerability | Elementor | Elementor Website Builder | High | 8.5 | 2024-05-17 08:50:02 | Deep Dive |
| CVE-2024-4922 | SourceCodester Simple Image Stack Website cross site scripting | SourceCodester | Simple Image Stack Website | Low | 3.5 | 2024-05-16 01:00:07 | Deep Dive |
| CVE-2024-4107 | Elementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | https://elementor.com/ | Elementor Website Builder Pro | Medium | 6.4 | 2024-05-09 20:03:19 | Deep Dive |
| CVE-2024-2324 | FileOrganizer and FileOrganizer Pro <= 1.0.6 - Authenticated Stored Cross-Site Scripting | softaculous | FileOrganizer – WordPress File Manager | Medium | 4.4 | 2024-05-02 16:52:55 | Deep Dive |
| CVE-2023-47504 | WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability | Elementor | Elementor Website Builder | High | 7.5 | 2024-04-24 15:49:49 | Deep Dive |
| CVE-2024-4093 | SourceCodester Simple Subscription Website view_application.php sql injection | SourceCodester | Simple Subscription Website | Medium | 6.3 | 2024-04-24 01:00:07 | Deep Dive |
| CVE-2024-4075 | Kashipara Online Furniture Shopping Ecommerce Website login.php cross site scripting | Kashipara | Online Furniture Shopping Ecommerce Website | Low | 3.5 | 2024-04-23 23:00:07 | Deep Dive |
| CVE-2024-4074 | Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php cross site scripting | Kashipara | Online Furniture Shopping Ecommerce Website | Low | 3.5 | 2024-04-23 23:00:05 | Deep Dive |