| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-1394 | Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads | Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 | High | 7.5 | 2024-03-21 12:16:39 | Deep Dive |
| CVE-2024-25933 | WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability | Pepro Dev. Group | PeproDev Ultimate Invoice | Medium | 5.3 | 2024-03-17 16:04:05 | Deep Dive |
| CVE-2024-25592 | WordPress Broken Link Checker plugin <= 2.2.3 - Cross Site Scripting (XSS) vulnerability | WPMU DEV | Broken Link Checker | Medium | 5.9 | 2024-03-15 13:56:03 | Deep Dive |
| CVE-2024-27288 | 1Panel open source panel project has an unauthorized vulnerability. | 1Panel-dev | 1Panel | Medium | 6.3 | 2024-03-06 18:23:50 | Deep Dive |
| CVE-2024-25636 | Lack of media type verification of Activity Streams objects allows impersonation and takeover of remote accounts | misskey-dev | misskey | High | 7.1 | 2024-02-19 19:42:21 | Deep Dive |
| CVE-2024-24768 | 1Panel set-cookie is missing the Secure keyword | 1Panel-dev | 1Panel | Medium | 6.5 | 2024-02-05 15:07:42 | Deep Dive |
| CVE-2023-51490 | WordPress Defender Security Plugin <= 4.1.0 is vulnerable to Sensitive Data Exposure | WPMU DEV | Defender Security – Malware Scanner, Login Security & Firewall | Medium | 5.3 | 2024-01-08 20:17:35 | Deep Dive |
| CVE-2023-52139 | Misskey vulnerable to improper authorization when accessing with third-party application | misskey-dev | misskey | Critical | 9.0 | 2023-12-29 17:21:02 | Deep Dive |
| CVE-2023-49079 | Misskey's missing signature validation allows arbitrary users to impersonate any remote user. | misskey-dev | misskey | Critical | 9.3 | 2023-11-29 18:56:17 | Deep Dive |
| CVE-2023-47810 | WordPress Ajax Domain Checker Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) | Asdqwe Dev | Ajax Domain Checker | Medium | 6.5 | 2023-11-22 22:19:34 | Deep Dive |
| CVE-2023-6142 | Dev Blog v1.0 - Stored XSS | Dev Blog | Dev Blog | Medium | 5.4 | 2023-11-20 23:24:49 | Deep Dive |
| CVE-2023-6144 | Dev Blog v1.0 - ATO | Dev Blog | Dev Blog | Critical | 9.1 | 2023-11-20 23:20:39 | Deep Dive |
| CVE-2023-46621 | WordPress User Avatar Plugin <= 1.4.11 is vulnerable to Cross Site Scripting (XSS) | Enej Bajgoric / Gagan Sandhu / CTLT DEV | User Avatar | 中危 | - | 2023-11-08 15:16:11 | Deep Dive |
| CVE-2023-44397 | CloudExplorer Lite permission bypass vulnerability | CloudExplorer-Dev | CloudExplorer-Lite | High | 7.5 | 2023-10-30 22:28:24 | Deep Dive |
| CVE-2023-43793 | Misskey allows users to bypass authentication of Bull dashboard | misskey-dev | misskey | High | 7.5 | 2023-10-04 20:21:29 | Deep Dive |
| CVE-2023-44145 | WordPress Anchor Episodes Index (Spotify for Podcasters) Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS) | jesweb.dev | Anchor Episodes Index (Spotify for Podcasters) | Medium | 6.5 | 2023-10-02 09:49:37 | Deep Dive |
| CVE-2023-41863 | WordPress PeproDev CF7 Database Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS) | Pepro Dev. Group | PeproDev CF7 Database | High | 7.1 | 2023-09-25 18:46:19 | Deep Dive |
| CVE-2023-41036 | Macvim's Insecure Usage of IPC Mechanisms | macvim-dev | macvim | High | 7.8 | 2023-09-12 19:48:15 | Deep Dive |
| CVE-2023-39519 | CloudExplorer Lite sensitive information leakage vulnerability | CloudExplorer-Dev | CloudExplorer-Lite | High | 7.5 | 2023-08-24 22:42:25 | Deep Dive |
| CVE-2023-39966 | 1Panel arbitrary file write vulnerability exists in the background | 1Panel-dev | 1Panel | High | 7.5 | 2023-08-10 17:46:21 | Deep Dive |