Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 512 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-11091 Support SVG – Upload svg files in wordpress without hassle <= 1.1.0 - Authenticated (Author+) Stored Cross-site Scripting via SVG File Upload sayedulsayemSupport SVG – Upload svg files in wordpress without hassle Medium 6.4 2024-11-26 08:31:55 Deep Dive
CVE-2024-52370 WordPress Hive Support – WordPress Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin <= 1.1.1 - Arbitrary File Upload vulnerability Hive SupportHive Support Critical 9.9 2024-11-14 18:13:52 Deep Dive
CVE-2024-10627 WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Upload vanquishWooCommerce Support Ticket System Critical 9.8 2024-11-09 03:30:47 Deep Dive
CVE-2024-10625 WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Deletion vanquishWooCommerce Support Ticket System Critical 9.8 2024-11-09 03:18:15 Deep Dive
CVE-2024-10626 WooCommerce Support Ticket System <= 17.7 - Authenticated (Subscriber+) Arbitrary File Deletion vanquishWooCommerce Support Ticket System High 8.8 2024-11-09 03:18:15 Deep Dive
CVE-2024-10269 Easy SVG Support <= 3.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload benjamin_zekavicaEasy SVG Support Medium 6.4 2024-11-08 06:39:59 Deep Dive
CVE-2024-10963 Pam: improper hostname interpretation in pam_access leads to access control bypass -- High 7.4 2024-11-07 16:02:35 Deep Dive
CVE-2023-1932 Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss Red HatA-MQ Clients 2 Medium 6.1 2024-11-07 10:00:52 Deep Dive
CVE-2024-47302 WordPress Fluent Support plugin <= 1.8.0 - Broken Access Control on Email Verification vulnerability Shahjahan JewelFluent Support Medium 5.3 2024-11-01 14:18:43 Deep Dive
CVE-2024-43274 WordPress JS Help Desk – The Ultimate Help Desk plugin <= 2.8.6 - Broken Access Control vulnerability JS Help DeskJS Help Desk – Best Help Desk & Support Plugin Medium 5.8 2024-11-01 14:17:33 Deep Dive
CVE-2024-9632 Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability -- High 7.8 2024-10-30 07:42:35 Deep Dive
CVE-2024-10041 Pam: libpam: libpam vulnerable to read hashed password -- Medium 4.7 2024-10-23 13:46:28 Deep Dive
CVE-2024-9050 Networkmanager-libreswan: local privilege escalation via leftupdown -- High 7.8 2024-10-22 12:14:32 Deep Dive
CVE-2024-10055 Click to Chat – WP Support All-in-One Floating Widget <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpsaio_snapchat Shortcode ninjateamWP Click to Chat – Email, Live Chat, Call & Book Now Buttons Medium 6.4 2024-10-18 07:35:26 Deep Dive
CVE-2024-49281 WordPress Click to Chat – WP Support All-in-One Floating Widget plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability Ninja TeamClick to Chat – WP Support All-in-One Floating Widget Medium 6.5 2024-10-17 19:15:28 Deep Dive
CVE-2024-47304 WordPress Fluent Support plugin <= 1.8.0 - SQL Injection vulnerability Shahjahan JewelFluent Support High 8.5 2024-10-17 17:36:27 Deep Dive
CVE-2024-49235 WordPress Contact Forms, Live Support, CRM, Video Messages plugin <= 1.10.2 - Sensitive Data Exposure vulnerability videowhisperContact Forms, Live Support, CRM, Video Messages--2024-10-17 17:24:18 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-9676 Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos) -- Medium 6.5 2024-10-15 15:27:34 Deep Dive
CVE-2024-9675 Buildah: buildah allows arbitrary directory mount -- High 7.8 2024-10-09 14:32:12 Deep Dive