| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-33324 | WordPress Easy Captcha plugin <= 1.0 - Broken Access Control vulnerability | wppal | Easy Captcha | Medium | 6.5 | 2024-12-13 14:23:29 | Deep Dive |
| CVE-2024-12072 | Analytics Cat – Google Analytics Made Easy <= 1.1.2 - Reflected Cross-Site Scripting | fatcatapps | Analytics Cat – Google Analytics Made Easy | Medium | 6.1 | 2024-12-12 05:24:21 | Deep Dive |
| CVE-2024-11928 | iChart – Easy Charts and Graphs <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter | quantumcloud | iChart – Easy Charts and Graphs | Medium | 6.4 | 2024-12-10 11:09:11 | Deep Dive |
| CVE-2024-11205 | WPForms 1.8.4 - 1.9.2.1 - Missing Authorization to Authenticated (Subscriber+) Payment Refund and Subscription Cancellation | smub | WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More | High | 8.5 | 2024-12-10 04:23:41 | Deep Dive |
| CVE-2023-23887 | WordPress Easy Google Analytics for WordPress plugin <= 1.6.0 - Broken Access Control vulnerability | Shahjada | Easy Google Analytics for WordPress | Medium | 5.3 | 2024-12-09 11:31:46 | Deep Dive |
| CVE-2023-25469 | WordPress Easy Table of Contents plugin <= 2.0.45.2 - Broken Access Control vulnerability | Magazine3 | Easy Table of Contents | Medium | 5.4 | 2024-12-09 11:31:33 | Deep Dive |
| CVE-2023-30748 | WordPress Easy Appointments plugin <= 3.10.7 - Auth. Stored Cross-Site Scripting (XSS) vulnerability | Nikola Loncar | Easy Appointments | Medium | 4.3 | 2024-12-09 11:31:04 | Deep Dive |
| CVE-2023-48740 | WordPress Easy Social Feed plugin <= 6.5.1 - Broken Access Control vulnerability | Sajid Javed | Easy Social Feed | 中危 | - | 2024-12-09 11:30:27 | Deep Dive |
| CVE-2024-11464 | Easy Code Snippets <= 1.0.2 - Reflected Cross-Site Scripting | alphabposervice | Easy Code Snippets | Medium | 6.1 | 2024-12-07 11:09:53 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-53793 | WordPress eDoc Easy Tables plugin <= 1.29 - CSRF to SQL Injection vulnerability | jerodmoore | eDoc Easy Tables | High | 8.2 | 2024-12-02 13:48:25 | Deep Dive |
| CVE-2024-11684 | Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting | iseardmedia | Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & Forms | Medium | 6.1 | 2024-11-28 08:47:36 | Deep Dive |
| CVE-2024-11685 | Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' | iseardmedia | Kudos Donations: Easy Donations with Mollie | One-off & Recurring | PDF Invoices | Buttons & Forms | Medium | 6.1 | 2024-11-28 08:47:34 | Deep Dive |
| CVE-2024-11145 | Easy Folder Listing Pro deserialization vulnerability | Valor Apps | Easy Folder Listing Pro | Critical | 9.8 | 2024-11-26 19:17:45 | Deep Dive |
| CVE-2024-11387 | Easy Liveblogs <= 2.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | jeffreyvr | Easy Liveblogs | Medium | 6.4 | 2024-11-23 04:32:21 | Deep Dive |
| CVE-2024-10666 | Easy Twitter Feed – Twitter feeds plugin for WP <= 1.2.6 - Authenticated (Contributor+) Post Exposure | bplugins | Feeds for Twitter – Embed Social Media Posts with Live Updates | Medium | 4.3 | 2024-11-22 05:33:43 | Deep Dive |
| CVE-2024-51833 | WordPress Easy Social Sharebar plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability | nomaniplex | Easy Social Sharebar | Medium | 6.5 | 2024-11-19 16:31:43 | Deep Dive |
| CVE-2024-51660 | WordPress Easy Accordion Gutenberg Block plugin <= 1.2.3 - Broken Access Control vulnerability | Binsaifullah | Easy Accordion Gutenberg Block | Medium | 4.3 | 2024-11-19 16:30:38 | Deep Dive |
| CVE-2024-52372 | WordPress Easy CSV Importer plugin <= 7.0.0 - Arbitrary File Upload vulnerability | WebTechGlobal | Easy CSV Importer BETA | Critical | 10.0 | 2024-11-14 18:12:24 | Deep Dive |
| CVE-2024-10593 | WPForms – Easy Form Builder for WordPress <= 1.9.1.6 - Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion | smub | WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More | Medium | 4.3 | 2024-11-13 02:33:17 | Deep Dive |