| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-1459 | Undertow: directory traversal vulnerability | - | - | Medium | 5.3 | 2024-02-12 20:30:04 | Deep Dive |
| CVE-2024-0612 | Content Views <= 3.6.2 - Authenticated(Administrator+) Stored Cross-Site Scripting via settings | pt-guy | Content Views – Post Grid & Filter, Recent Posts, Category Posts … (Shortcode, Gutenberg Blocks, and Widgets for Elementor) | Medium | 4.4 | 2024-02-05 21:21:57 | Deep Dive |
| CVE-2023-6291 | Keycloak: redirect_uri validation bypass | Red Hat | Red Hat build of Keycloak 22 | High | 7.1 | 2024-01-26 14:23:43 | Deep Dive |
| CVE-2023-6645 | Post Grid Combo – 36+ Gutenberg Blocks <= 2.2.64 - Authenticated (Contributor+) Cross-Site Scripting | pickplugins | Post Grid | Medium | 6.4 | 2024-01-11 08:32:50 | Deep Dive |
| CVE-2023-5384 | Infinispan: credentials returned from configuration as clear text | Red Hat | Red Hat Data Grid 8.4.6 | High | 7.2 | 2023-12-18 13:43:09 | Deep Dive |
| CVE-2023-3628 | Infinispan: rest bulk ops don't check permissions | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 6.5 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-3629 | Infinispan: non-admins should not be able to get cache config via rest api | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.3 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5236 | Infinispan: circular reference on marshalling leads to dos | Red Hat | Red Hat Data Grid 8.4.4 | Medium | 4.4 | 2023-12-18 13:43:08 | Deep Dive |
| CVE-2023-5379 | Undertow: ajp request closes connection exceeding maxrequestsize | Red Hat | Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | High | 7.5 | 2023-12-12 21:54:53 | Deep Dive |
| CVE-2023-40211 | WordPress Post Grid Plugin <= 2.2.50 is vulnerable to Sensitive Data Exposure | PickPlugins | Post Grid Combo – 36+ Gutenberg Blocks | High | 7.5 | 2023-11-30 15:03:24 | Deep Dive |
| CVE-2023-5815 | News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Remote Code Execution via Local File Inclusion | infornweb | Blog Designer Pack – Blog, Post Grid, Post Slider, Post Carousel, Category Post, News | High | 8.1 | 2023-11-22 15:33:22 | Deep Dive |
| CVE-2023-47684 | WordPress Essential Grid Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) | ThemePunch OHG | Essential Grid | High | 7.1 | 2023-11-13 23:09:09 | Deep Dive |
| CVE-2023-5251 | Grid Plus <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) Grid Layout Add/Update/Delete | g5theme | Grid Plus – Unlimited grid layout | Medium | 5.4 | 2023-10-30 13:49:02 | Deep Dive |
| CVE-2023-5250 | Grid Plus <= 1.3.3 - Authenticated (Subscriber+) Local File Inclusion via Shortcode | g5theme | Grid Plus – Unlimited grid layout | High | 8.8 | 2023-10-30 13:49:00 | Deep Dive |
| CVE-2023-46209 | WordPress Grid Plus Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS) | G5Theme | Grid Plus – Unlimited grid layout | High | 7.1 | 2023-10-27 20:39:06 | Deep Dive |
| CVE-2023-45727 | Proself code issue vulnerability | North Grid Corporation | Proself Enterprise/Standard Edition | High | - | 2023-10-18 09:01:12 | Deep Dive |
| CVE-2023-41659 | WordPress Responsive Gallery Grid Plugin <= 2.3.10 is vulnerable to Cross Site Request Forgery (CSRF) | Jules Colle, BDWM | Responsive Gallery Grid | Medium | 5.4 | 2023-10-06 14:40:58 | Deep Dive |
| CVE-2023-4586 | Hotrod-client: hot rod client does not enable hostname validation when using tls that lead to a mitm attack | Red Hat | Red Hat Data Grid 8.4.6 | High | 7.4 | 2023-10-04 10:46:15 | Deep Dive |
| CVE-2023-39923 | WordPress The Post Grid Plugin <= 7.2.7 is vulnerable to Cross Site Request Forgery (CSRF) | RadiusTheme | The Post Grid | Medium | 5.4 | 2023-10-03 11:05:28 | Deep Dive |
| CVE-2023-3223 | Undertow: outofmemoryerror due to @multipartconfig handling | Red Hat | Red Hat Fuse 7.12.1 | High | 7.5 | 2023-09-27 13:54:45 | Deep Dive |