| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-25977 | Session Fixation | Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany | HAWKI | - | - | 2024-05-29 12:31:30 | Deep Dive |
| CVE-2024-25976 | Reflected Cross-Site-Scripting (XSS) | Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany | HAWKI | - | - | 2024-05-29 12:22:47 | Deep Dive |
| CVE-2024-23522 | WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability | Strategy11 Form Builder Team | Formidable Forms | Medium | 5.3 | 2024-05-17 08:47:40 | Deep Dive |
| CVE-2023-51424 | WordPress WebinarIgnition plugin <= 3.05.0 - Unauthenticated Privilege Escalation vulnerability | Saleswonder Team | WebinarIgnition | Critical | 9.8 | 2024-05-17 08:42:58 | Deep Dive |
| CVE-2024-30522 | WordPress Newsletter plugin <= 8.2.0 - IP Blacklist Bypass vulnerability | Stefano Lissa & The Newsletter Team | Newsletter | Medium | 5.3 | 2024-05-17 08:21:17 | Deep Dive |
| CVE-2024-33549 | WordPress WZone plugin <= 14.0.10 - Privilege Escalation vulnerability | AA-Team | WZone | High | 8.8 | 2024-05-17 08:18:12 | Deep Dive |
| CVE-2023-41954 | WordPress ProfilePress plugin <= 4.13.1 - Unauthenticated Limited Privilege Escalation vulnerability | ProfilePress Membership Team | ProfilePress | High | 8.6 | 2024-05-17 06:54:22 | Deep Dive |
| CVE-2023-41243 | WordPress WPvivid Backup Plugin plugin <= 0.9.90 - Privilege Escalation on Staging Environment vulnerability | WPvivid Team | WPvivid Backup and Migration | High | 8.8 | 2024-05-17 06:53:29 | Deep Dive |
| CVE-2024-35166 | WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability | Ninja Team | Filebird | Medium | 5.3 | 2024-05-13 09:09:42 | Deep Dive |
| CVE-2024-32776 | WordPress AppPresser plugin <= 4.3.0 - Broken Access Control vulnerability | AppPresser Team | AppPresser | Medium | 6.5 | 2024-05-10 08:43:20 | Deep Dive |
| CVE-2024-29800 | WordPress Timber plugin <= 1.23.0 - Deserialization of untrusted data vulnerability | Timber Team & Contributors | Timber | High | 8.0 | 2024-05-09 11:36:56 | Deep Dive |
| CVE-2024-34437 | WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability | 10Web Form Builder Team | Form Maker by 10Web | Medium | 5.9 | 2024-05-09 11:03:03 | Deep Dive |
| CVE-2024-34367 | WordPress Popup Box plugin <= 4.1.2 - CSRF to XSS vulnerability | Popup Box Team | Popup box | High | 7.1 | 2024-05-06 18:16:16 | Deep Dive |
| CVE-2024-33927 | WordPress Giphypress plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability | Team GIPHY | Giphypress | Medium | 6.5 | 2024-05-03 07:11:39 | Deep Dive |
| CVE-2024-1896 | Photo Gallery <= 1.4.2 - Authenticated(Contributor+) PHP Object Injection via Shortcode | awordpresslife | Photo Gallery for Images | High | 7.5 | 2024-05-02 16:51:47 | Deep Dive |
| CVE-2024-33586 | WordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerability | Photo Gallery Team | Photo Gallery by 10Web | Medium | 5.3 | 2024-04-29 12:42:29 | Deep Dive |
| CVE-2024-33587 | WordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerability | Copy Content Protection Team | Secure Copy Content Protection and Content Locking | Medium | 5.3 | 2024-04-29 12:40:47 | Deep Dive |
| CVE-2024-33641 | WordPress Custom field finder plugin <= 0.3 - PHP Object Injection vulnerability | Team Yoast | Custom field finder | Medium | 5.4 | 2024-04-29 07:36:15 | Deep Dive |
| CVE-2024-33544 | WordPress WZone plugin <= 14.0.10 - Unauthenticated SQL Injection vulnerability | AA-Team | WZone | Critical | 9.3 | 2024-04-29 06:14:32 | Deep Dive |
| CVE-2024-33546 | WordPress WZone plugin <= 14.0.10 - Arbitrary SQL Update Execution vulnerability | AA-Team | WZone | Critical | 9.6 | 2024-04-29 06:12:50 | Deep Dive |