| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-25489 | WordPress Update Theme and Plugins from Zip File Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF) | Jeff Sherk | Update Theme and Plugins from Zip File | Medium | 4.3 | 2023-10-04 10:35:26 | Deep Dive |
| CVE-2023-44264 | WordPress The Awesome Feed – Custom Feed Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS) | Arrow Plugins | The Awesome Feed – Custom Feed | Medium | 6.5 | 2023-10-02 10:06:27 | Deep Dive |
| CVE-2023-41797 | WordPress Locations Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS) | Gold Plugins | Locations | Medium | 6.5 | 2023-10-02 08:17:04 | Deep Dive |
| CVE-2023-32122 | WordPress Spiffy Calendar Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS) | Spiffy Plugins | Spiffy Calendar | Medium | 5.8 | 2023-08-18 15:17:09 | Deep Dive |
| CVE-2023-31232 | WordPress Plugins List Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS) | David Artiss | Plugins List | Medium | 5.9 | 2023-08-18 13:11:57 | Deep Dive |
| CVE-2023-31076 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS) | Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes | High | 7.1 | 2023-08-17 08:44:54 | Deep Dive |
| CVE-2023-30871 | WordPress Stock Exporter for WooCommerce Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS) | PT Woo Plugins (by Webdados) | Stock Exporter for WooCommerce | High | 7.1 | 2023-08-16 10:10:28 | Deep Dive |
| CVE-2023-3613 | Guest accounts invited and added to channels by Welcomebot plugin | Mattermost | Mattermost Plugins | Low | 3.5 | 2023-07-17 15:31:24 | Deep Dive |
| CVE-2023-37985 | WordPress Five Star Restaurant Menu Plugin <= 2.4.6 is vulnerable to Cross Site Request Forgery (CSRF) | FiveStarPlugins | Restaurant Menu and Food Ordering by Five Star Plugins | Medium | 4.3 | 2023-07-17 15:04:42 | Deep Dive |
| CVE-2023-35089 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) | Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes | Medium | 4.3 | 2023-07-17 13:31:13 | Deep Dive |
| CVE-2023-23897 | WordPress Simple Mobile URL Redirect Plugin <= 1.7.2 is vulnerable to Cross Site Request Forgery (CSRF) | Ozette Plugins | Simple Mobile URL Redirect | Medium | 4.3 | 2023-07-10 12:14:48 | Deep Dive |
| CVE-2023-23876 | WordPress wpDataTables Plugin <= 2.1.49 is vulnerable to Cross Site Scripting (XSS) | TMS-Plugins | wpDataTables | Medium | 6.5 | 2023-05-03 13:12:59 | Deep Dive |
| CVE-2022-47598 | WordPress WP Super Popup Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) | WP Plugins Pro | WP Super Popup | Medium | 5.9 | 2023-04-24 14:23:40 | Deep Dive |
| CVE-2023-22687 | WordPress Freesoul Deactivate Plugins – Plugin manager and cleanup Plugin <= 1.9.4.0 is vulnerable to Sensitive Data Exposure | Jose Mortellaro | Freesoul Deactivate Plugins – Plugin manager and cleanup | Low | 3.7 | 2023-04-16 08:08:23 | Deep Dive |
| CVE-2023-23865 | WordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF) | Checkout Plugins | Stripe Payments For WooCommerce by Checkout Plugins | Medium | 4.3 | 2023-02-28 14:45:53 | Deep Dive |
| CVE-2022-4761 | Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode | Unknown | Post Views Count (Support caching plugins!) | 中危 | - | 2023-02-21 08:50:45 | Deep Dive |
| CVE-2022-42494 | WordPress All in One SEO Pro plugin <= 4.2.5.1 - Server Side Request Forgery (SSRF) vulnerability | Semper Plugins, LLC | All in One SEO Pro (WordPress plugin) | Low | 3.0 | 2022-11-08 18:33:32 | Deep Dive |
| CVE-2022-40213 | WordPress GS Testimonial Slider plugin <= 1.9.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities | GS Plugins | GS Testimonial Slider (WordPress plugin) | Medium | 4.1 | 2022-09-23 13:50:58 | Deep Dive |
| CVE-2022-38665 | Jenkins Plugin CollabNet 安全漏洞 | Jenkins project | Jenkins CollabNet Plugins Plugin | 中危 | - | 2022-08-23 16:45:45 | Deep Dive |
| CVE-2022-35882 | WordPress GS Testimonial Slider plugin <= 1.9.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | GS Plugins | GS Testimonial Slider (WordPress plugin) | Medium | 4.8 | 2022-07-28 14:22:48 | Deep Dive |