| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-8812 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | PDF-XChange | PDF-XChange Editor | High | - | 2024-11-22 21:03:15 | Deep Dive |
| CVE-2024-50549 | WordPress Bonway Static Block Editor plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability | Steven Nolles | Bonway Static Block Editor | Medium | 6.5 | 2024-11-19 16:32:05 | Deep Dive |
| CVE-2024-49256 | WordPress Htaccess File Editor plugin <= 1.0.18 - Broken Access Control vulnerability | WP Chill | Htaccess File Editor | Medium | 5.4 | 2024-11-01 14:18:46 | Deep Dive |
| CVE-2024-10367 | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE <= 3.0.4 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | themeisle | Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE | Medium | 6.4 | 2024-11-01 11:01:56 | Deep Dive |
| CVE-2024-50468 | WordPress Raptor Editor plugin <= 1.0.20 - Cross Site Scripting (XSS) vulnerability | faceleg | Raptor Editor | Medium | 6.5 | 2024-10-28 17:42:55 | Deep Dive |
| CVE-2024-9642 | Editor Custom Color Palette <= 3.3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | rock4temps | Editor Custom Color Palette | Medium | 6.4 | 2024-10-26 08:36:02 | Deep Dive |
| CVE-2024-9932 | Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload | jurredeklijn | Wux Blog Editor | Critical | 9.8 | 2024-10-26 01:58:38 | Deep Dive |
| CVE-2024-9931 | Wux Blog Editor <= 3.0.0 - Authentication Bypass to Administrator | jurredeklijn | Wux Blog Editor | Critical | 9.8 | 2024-10-26 01:58:34 | Deep Dive |
| CVE-2024-10313 | iniNet Solutions SpiderControl SCADA PC HMI Editor Path Traversal | iniNet Solutions | SpiderControl SCADA PC HMI Editor | High | 8.0 | 2024-10-24 17:41:56 | Deep Dive |
| CVE-2024-47312 | WordPress Classic Editor and Classic Widgets plugin <= 1.4.1 - SQL Injection vulnerability | WP Grim | Classic Editor and Classic Widgets | High | 8.5 | 2024-10-17 17:34:57 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9546 | WPIDE <= 3.4.9 - Unauthenticated Full Path Disclosure | xplodedthemes | WPIDE – File Manager & Code Editor | Medium | 5.3 | 2024-10-14 23:29:56 | Deep Dive |
| CVE-2024-9234 | GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload | ataurr | GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor | Critical | 9.8 | 2024-10-11 06:50:20 | Deep Dive |
| CVE-2024-47348 | WordPress Visual CSS Style Editor plugin <= 7.6.4 - Reflected Cross Site Scripting (XSS) vulnerability | YellowPencil | YellowPencil Visual CSS Style Editor | High | 7.1 | 2024-10-06 10:28:20 | Deep Dive |
| CVE-2024-8743 | Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File Upload | bitpressadmin | File Manager | Medium | 6.8 | 2024-10-05 06:44:11 | Deep Dive |
| CVE-2024-8499 | Checkout Field Editor (Checkout Manager) for WooCommerce <= 2.0.3 - Reflected Cross-Site Scripting via render_review_request_notice | themehigh | Checkout Field Editor (Checkout Manager) for WooCommerce | Medium | 4.7 | 2024-10-04 12:46:53 | Deep Dive |
| CVE-2022-2446 | WP Editor <= 1.2.9 - Authenticated (Admin+) PHAR Deserialization | benjaminprojas | WP Editor | High | 7.2 | 2024-09-13 15:10:44 | Deep Dive |
| CVE-2024-7770 | Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload | bitpressadmin | File Manager | High | 8.8 | 2024-09-10 10:59:05 | Deep Dive |
| CVE-2024-7627 | Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition | bitpressadmin | Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress | High | 8.1 | 2024-09-05 02:04:25 | Deep Dive |
| CVE-2024-43963 | WordPress Visual CSS Style Editor plugin <= 7.6.1 - Cross Site Scripting (XSS) vulnerability | WaspThemes | YellowPencil Visual CSS Style Editor | High | 7.1 | 2024-08-29 17:45:18 | Deep Dive |