| CVE-2024-9018 | WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter | hahncgdev | WP Easy Gallery – WordPress Gallery Plugin | High | 8.8 | 2024-10-01 08:30:17 | Deep Dive |
| CVE-2024-8728 | Easy Load More <= 1.0.3 - Reflected Cross-Site Scripting | brianbrey | Easy Load More | Medium | 6.1 | 2024-10-01 07:30:17 | Deep Dive |
| CVE-2024-9267 | Easy WordPress Subscribe – Optin Hound <= 1.4.3 - Reflected Cross-Site Scripting via add_query_arg Parameter | optinhound | Easy WordPress Subscribe – Optin Hound | Medium | 6.1 | 2024-10-01 07:30:16 | Deep Dive |
| CVE-2024-8434 | Easy Mega Menu Plugin for WordPress – ThemeHunk <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Settings Updates | themehunk | Easy Mega Menu for WordPress – ThemeHunk | Medium | 4.3 | 2024-09-25 02:05:24 | Deep Dive |
| CVE-2024-8476 | Easy PayPal Events <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion | scottpaterson | Easy PayPal Events & Tickets | Medium | 4.3 | 2024-09-25 02:05:13 | Deep Dive |
| CVE-2024-8436 | WP Easy Gallery – WordPress Gallery Plugin <= 4.8.5 - Authenticated (Subscriber+) SQL Injection | hahncgdev | WP Easy Gallery – WordPress Gallery Plugin | Critical | 9.9 | 2024-09-24 07:30:46 | Deep Dive |
| CVE-2024-8437 | WP Easy Gallery – WordPress Gallery Plugin <= 4.8.5 - Missing Authorization to Authenticated (Subscriber+) Gallery Manipulation | hahncgdev | WP Easy Gallery – WordPress Gallery Plugin | Medium | 4.3 | 2024-09-24 07:30:46 | Deep Dive |
| CVE-2022-2439 | Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 3.3.3 - Authenticated (Admin+) PHAR Deserialization | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | High | 7.2 | 2024-09-24 03:06:39 | Deep Dive |
| CVE-2024-3163 | Easy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRF | Unknown | Easy Property Listings | - | - | 2024-09-12 06:00:02 | Deep Dive |
| CVE-2024-8328 | HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - Reflected XSS | HWA JIUH DIGITAL TECHNOLOGY | Easy test Online Learning and Testing Platform | Medium | 5.4 | 2024-08-30 02:20:50 | Deep Dive |
| CVE-2024-8327 | HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - SQL injection | HWA JIUH DIGITAL TECHNOLOGY | Easy test Online Learning and Testing Platform | High | 8.8 | 2024-08-30 02:14:16 | Deep Dive |
| CVE-2024-5057 | WordPress Easy Digital Downloads plugin <= 3.2.12 - SQL Injection vulnerability | Easy Digital Downloads | Easy Digital Downloads | Critical | 9.3 | 2024-08-29 14:04:35 | Deep Dive |
| CVE-2024-2254 | RT Easy Builder – Advanced addons for Elementor <= 2.3 - Authenticated (Contributor+) Stored Cross-site Scripting | risetheme | RT Easy Builder – Advanced addons for Elementor | Medium | 6.4 | 2024-08-24 02:32:20 | Deep Dive |
| CVE-2024-43236 | WordPress Easy PayPal & Stripe Buy Now Button plugin <= 1.9 - Open Redirection vulnerability | Scott Paterson | Easy PayPal Buy Now Button | Medium | 4.7 | 2024-08-19 17:05:18 | Deep Dive |
| CVE-2024-43305 | WordPress Custom Layouts – Post + Product grids made easy plugin <= 1.4.11 - Cross Site Scripting (XSS) vulnerability | Code Amp | Custom Layouts – Post + Product grids made easy | Medium | 6.5 | 2024-08-18 14:23:41 | Deep Dive |
| CVE-2024-6692 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Agreement Text | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Low | 3.3 | 2024-08-10 02:01:23 | Deep Dive |
| CVE-2024-6691 | Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) <= 3.3.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Currency Settings | smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | Medium | 4.4 | 2024-08-10 02:01:20 | Deep Dive |
| CVE-2024-7082 | easy-table-of-contents < 2.0.68 - Editor+ Stored XSS | Unknown | Easy Table of Contents | - | - | 2024-08-06 06:00:07 | Deep Dive |
| CVE-2024-6872 | Build Your Dream Website Fast with 400+ Starter Templates and Landing Pages, No Coding Needed, One-Click Import for Elementor & Gutenberg Blocks! – TemplateSpare <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Theme Update | templatespare | TemplateSpare – 1000+ WordPress Starter Templates & Full Site Migration Tool | 1-Click Import/Export & No-Code Builder | Medium | 4.3 | 2024-08-03 11:37:39 | Deep Dive |
| CVE-2024-3113 | FormFlow < 2.12.2 - Admin+ Stored XSS | Unknown | FormFlow: WhatsApp Social and Advanced Form Builder with Easy Lead Collection | - | - | 2024-07-30 06:00:06 | Deep Dive |