| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-23715 | WordPress Post & Page Notes plugin <= 0.1.1 - CSRF to Stored XSS vulnerability | RaymondDesign | Post & Page Notes | High | 7.1 | 2025-01-16 20:06:47 | Deep Dive |
| CVE-2025-23654 | WordPress Twitter Post plugin <= 0.1 - CSRF to Stored XSS vulnerability | krolow | Twitter Post | High | 7.1 | 2025-01-16 20:06:34 | Deep Dive |
| CVE-2025-23566 | WordPress Custom Post plugin <= 1.0 - CSRF to Stored XSS vulnerability | syedamirhussain91 | Custom Post | High | 7.1 | 2025-01-16 20:06:17 | Deep Dive |
| CVE-2025-23530 | WordPress Custom Post Type Lockdown plugin <= 1.11 - CSRF to Privilege Escalation vulnerability | yonisink | Custom Post Type Lockdown | High | 8.8 | 2025-01-16 20:06:11 | Deep Dive |
| CVE-2025-23463 | WordPress MD Custom content after or before of post plugin <= 1.0 - CSRF to Stored XSS vulnerability | Mukesh Dak | MD Custom content after or before of post | High | 7.1 | 2025-01-16 20:05:49 | Deep Dive |
| CVE-2025-22748 | WordPress SetMore Theme – Custom Post Types plugin <= 1.1 - Stored Cross Site Scripting (XSS) vulnerability | Setmore | SetMore Theme – Custom Post Types | Medium | 6.5 | 2025-01-15 15:23:30 | Deep Dive |
| CVE-2025-22750 | WordPress Post Carousel & Slider plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability | Patel | Post Carousel & Slider | High | 7.1 | 2025-01-15 15:23:29 | Deep Dive |
| CVE-2025-22759 | WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability | BoldGrid | Post and Page Builder by BoldGrid | Medium | 6.5 | 2025-01-15 15:23:25 | Deep Dive |
| CVE-2025-22764 | WordPress WP Post Corrector Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability | vipul Jariwala | WP Post Corrector | High | 7.1 | 2025-01-15 15:23:23 | Deep Dive |
| CVE-2024-9636 | Post Grid and Gutenberg Blocks 2.2.85 - 2.3.3 - Unauthenticated Privilege Escalation | pickplugins | Post Grid and Gutenberg Blocks – ComboBlocks | Critical | 9.8 | 2025-01-15 09:25:54 | Deep Dive |
| CVE-2025-22800 | WordPress Post SMTP plugin <= 2.9.11 - Broken Access Control vulnerability | Saad Iqbal | Post SMTP | Medium | 4.3 | 2025-01-13 13:11:37 | Deep Dive |
| CVE-2025-22499 | WordPress F4 Post Tree Plugin <= 1.1.18 - Reflected Cross Site Scripting (XSS) vulnerability | FAKTOR VIER | F4 Post Tree | High | 7.1 | 2025-01-13 13:11:34 | Deep Dive |
| CVE-2025-22568 | WordPress Post And Page Reactions Plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability | arete-it | Post And Page Reactions | High | 7.1 | 2025-01-13 13:11:32 | Deep Dive |
| CVE-2024-12407 | Push Notification for Post and BuddyPress <= 2.07 - Reflected Cross-Site Scripting | murali-indiacitys | Push Notification for Post and BuddyPress | Medium | 6.1 | 2025-01-11 07:21:55 | Deep Dive |
| CVE-2024-12472 | Post Duplicator <= 2.36 - Authenticated (Contributor+) Protected Post Disclosure | metaphorcreations | Post Duplicator | Medium | 4.3 | 2025-01-11 02:20:54 | Deep Dive |
| CVE-2024-13294 | POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060 | Drupal | POST File | 中危 | - | 2025-01-09 20:17:48 | Deep Dive |
| CVE-2024-13293 | POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059 | Drupal | POST File | 中危 | - | 2025-01-09 20:17:22 | Deep Dive |
| CVE-2024-11642 | Post Grid Master <= 3.4.12 - Missing Authorization to Unauthenticated Local PHP File Inclusion | mdshuvo | Post Grid Master — Post Grids & AJAX Filters | Critical | 9.8 | 2025-01-09 11:11:04 | Deep Dive |
| CVE-2025-22507 | WordPress WPMU Prefill Post Plugin <= 1.02 - SQL Injection vulnerability | iDo8p | WPMU Prefill Post | High | 7.6 | 2025-01-07 14:57:37 | Deep Dive |
| CVE-2025-22541 | WordPress WP Delete Post Copies plugin <= 5.5 - Broken Access Control vulnerability | etruel | WP Delete Post Copies | Medium | 5.4 | 2025-01-07 14:57:24 | Deep Dive |