| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-23646 | Pimcore Admin Classic Bundle SQL Injection in Admin download files as zip | pimcore | admin-ui-classic-bundle | High | 8.8 | 2024-01-24 19:41:50 | Deep Dive |
| CVE-2024-23648 | Pimcore Admin Classic Bundle host header injection in the password reset | pimcore | admin-ui-classic-bundle | High | 8.8 | 2024-01-24 18:05:45 | Deep Dive |
| CVE-2023-49783 | No permission checks for editing/deleting records with CSV import form | silverstripe | silverstripe-admin | Medium | 4.3 | 2024-01-23 13:54:51 | Deep Dive |
| CVE-2022-40700 | Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins | Montonio | Montonio for WooCommerce | High | 8.2 | 2024-01-19 14:30:11 | Deep Dive |
| CVE-2023-52128 | WordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF) | WhiteWP | White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard | Medium | 4.3 | 2024-01-05 08:49:17 | Deep Dive |
| CVE-2023-4541 | SQLi in Weens Admin Panel | Ween Software | Admin Panel | Critical | 9.8 | 2023-12-29 14:34:06 | Deep Dive |
| CVE-2023-51411 | WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload | Shabti Kaplan | Frontend Admin by DynamiApps | Critical | 10.0 | 2023-12-29 13:50:21 | Deep Dive |
| CVE-2023-49075 | Pimcore Admin UI has Two Factor Authentication disabled for non admin security firewalls | pimcore | admin-ui-classic-bundle | High | 8.4 | 2023-11-28 04:33:24 | Deep Dive |
| CVE-2023-47636 | Full Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle | pimcore | admin-ui-classic-bundle | Medium | 5.3 | 2023-11-15 19:18:15 | Deep Dive |
| CVE-2023-38515 | WordPress Church Admin Plugin <= 3.7.56 is vulnerable to Server Side Request Forgery (SSRF) | Andy Moyle | Church Admin | Medium | 5.5 | 2023-11-13 02:32:34 | Deep Dive |
| CVE-2023-28618 | WordPress Enhanced Plugin Admin Plugin <= 1.16 is vulnerable to Cross Site Request Forgery (CSRF) | Marios Alexandrou | Enhanced Plugin Admin | Medium | 5.4 | 2023-11-12 21:51:20 | Deep Dive |
| CVE-2023-47184 | WordPress Admin Bar & Dashboard Access Control plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability | Collins Agbonghama | Admin Bar & Dashboard Access Control | Medium | 5.9 | 2023-11-06 09:56:41 | Deep Dive |
| CVE-2023-46722 | Pimcore Admin Classic Bundle Cross-site Scripting (XSS) in PDF previews | pimcore | admin-ui-classic-bundle | Medium | 6.1 | 2023-10-31 15:36:50 | Deep Dive |
| CVE-2023-5844 | Unverified Password Change in pimcore/admin-ui-classic-bundle | pimcore | pimcore/admin-ui-classic-bundle | Medium | - | 2023-10-30 10:08:50 | Deep Dive |
| CVE-2023-41672 | WordPress Hide admin notices – Admin Notification Center Plugin <= 2.3.2 is vulnerable to Cross Site Request Forgery (CSRF) | Rémi Leclercq | Hide admin notices – Admin Notification Center | Medium | 4.3 | 2023-10-09 18:38:15 | Deep Dive |
| CVE-2023-4737 | SQLi in Hedef Trackings Admin Panel | Hedef Tracking | Admin Panel | Critical | 9.8 | 2023-09-27 07:53:45 | Deep Dive |
| CVE-2023-42817 | Cross-site Scripting (XSS) in pimcore admin-ui-classic-bundle translations | pimcore | admin-ui-classic-bundle | Medium | 5.4 | 2023-09-25 18:57:34 | Deep Dive |
| CVE-2023-40329 | WordPress Custom Admin Login Page \| WPZest Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) | WPZest | Custom Admin Login Page \| WPZest | Medium | 5.9 | 2023-09-06 08:24:14 | Deep Dive |
| CVE-2023-28801 | Improper SAML signature verification | Zscaler | ZIA Admin Portal | Critical | 9.6 | 2023-08-31 13:53:11 | Deep Dive |
| CVE-2023-33929 | WordPress Easy Admin Menu Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS) | Joaquín Ruiz | Easy Admin Menu | Medium | 5.9 | 2023-08-30 12:52:15 | Deep Dive |