Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 500 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-9106 Wechat Social login <= 1.3.0 - Authentication Bypass xunhuwebWechat Social login 微信QQ钉钉登录插件 Critical 9.8 2024-10-01 07:30:09 Deep Dive
CVE-2024-9108 Wechat Social login <= 1.3.0 - Unauthenticated Arbitrary File Upload xunhuwebWechat Social login 微信QQ钉钉登录插件 Critical 9.8 2024-10-01 07:30:07 Deep Dive
CVE-2024-8715 Simple LDAP Login <= 1.6.0 - Reflected Cross-Site Scripting clifgriffinSimple LDAP Login Medium 6.1 2024-09-28 02:31:28 Deep Dive
CVE-2022-4533 Limit Login Attempts Plus <= 1.1.0 - IP Address Spoofing to Protection Mechanism Bypass devfelixmoiraLimit Login Attempts Plus – WordPress Limit Login Attempts By Felix Medium 5.3 2024-09-19 03:59:15 Deep Dive
CVE-2024-21743 WordPress Houzez Login Register plugin <= 3.2.5 - Privilege Escalation vulnerability favethemesHouzez Login Register High 8.8 2024-09-17 13:35:45 Deep Dive
CVE-2024-6482 Login with phone number <= 1.7.49 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation glboyOTP Login With Phone Number, OTP Verification High 8.8 2024-09-14 12:31:09 Deep Dive
CVE-2024-8665 YITH Custom Login <= 1.7.3 - Reflected Cross-Site Scripting yithemesYITH Custom Login Medium 6.1 2024-09-13 06:47:26 Deep Dive
CVE-2024-8252 Clean Login <= 1.14.5 - Authenticated (Contributor+) Local File Inclusion horneroClean Login High 8.8 2024-08-30 09:29:49 Deep Dive
CVE-2024-43311 WordPress Login As Users plugin <= 1.4.2 - Broken Authentication vulnerability Geek Code LabLogin As Users Critical 9.8 2024-08-19 19:20:47 Deep Dive
CVE-2022-4532 LOGIN AND REGISTRATION ATTEMPTS LIMIT<= 2.1 - IP Address Spoofing to Protection Mechanism Bypass krut1LOGIN AND REGISTRATION ATTEMPTS LIMIT Medium 6.5 2024-08-17 07:34:22 Deep Dive
CVE-2024-7422 Theme My Login <= 7.1.7 - Cross-Site Request Forgery to Settings Update jfarthing84Theme My Login Medium 4.3 2024-08-16 03:20:19 Deep Dive
CVE-2024-7503 WooCommerce - Social Login <= 2.7.5 - Authentication Bypass to Account Takeover WPWebWooCommerce - Social Login Critical 9.8 2024-08-10 02:01:24 Deep Dive
CVE-2024-37429 WordPress Login with phone number plugin <= 1.7.35 - Admin+ Cross Site Scripting (XSS) vulnerability Hamid AliniaLogin with phone number Medium 5.9 2024-07-22 08:26:57 Deep Dive
CVE-2024-37523 WordPress Login Logo Editor plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability AMP-MODELogin Logo Editor Medium 5.9 2024-07-21 07:09:14 Deep Dive
CVE-2024-6636 WooCommerce - Social Login <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation WPWebWooCommerce - Social Login Critical 9.8 2024-07-20 07:38:05 Deep Dive
CVE-2024-6635 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication Bypass WPWebWooCommerce - Social Login High 7.3 2024-07-20 07:38:04 Deep Dive
CVE-2024-6637 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Privilege Escalation via One-Time Password WPWebWooCommerce - Social Login High 7.3 2024-07-20 07:37:52 Deep Dive
CVE-2024-6289 WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure UnknownWPS Hide Login 中危 -2024-07-15 06:00:06 Deep Dive
CVE-2024-6554 Branda – White Label WordPress, Custom Login Page Customizer <= 3.4.18 - Unauthenticated Full Path Disclosure wpmudevBranda – White Label & Branding, Free Login Page Customizer Medium 5.3 2024-07-11 03:33:19 Deep Dive
CVE-2023-6813 Login by Auth0 <= 4.6.0 - Reflected Cross-Site Scripting via wle auth0Login by Auth0 Medium 6.1 2024-07-10 07:36:44 Deep Dive