| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-12848 | SKT Page Builder <= 4.6 - Authenticated (Subscriber+) Arbitrary File Upload | sonalsinha21 | SKT Page Builder | High | 8.8 | 2025-01-09 11:11:02 | Deep Dive |
| CVE-2024-12045 | Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 5.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting | wpdevteam | Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns | Medium | 4.4 | 2025-01-08 07:18:38 | Deep Dive |
| CVE-2025-22560 | WordPress Saoshyant Page Builder plugin <= 3.8 - Broken Access Control vulnerability | saoshyant1994 | Saoshyant Page Builder | Medium | 5.3 | 2025-01-07 14:57:13 | Deep Dive |
| CVE-2024-56285 | WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross-Site Scripting vulnerability | wpbits | WPBITS Addons For Elementor Page Builder | Medium | 6.5 | 2025-01-07 10:49:19 | Deep Dive |
| CVE-2024-56286 | WordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Local File Inclusion vulnerability | webcodingplace | Classic Addons – WPBakery Page Builder | High | 7.5 | 2025-01-07 10:49:18 | Deep Dive |
| CVE-2024-56300 | WordPress Post/Page Copying Tool plugin <= 2.0.0 - Sensitive Data Exposure vulnerability | wpspin | Post/Page Copying Tool | High | 7.5 | 2025-01-07 10:49:07 | Deep Dive |
| CVE-2025-22316 | WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability | wpbits | WPBITS Addons For Elementor Page Builder | Medium | 5.9 | 2025-01-07 10:48:53 | Deep Dive |
| CVE-2024-12538 | Duplicate Post, Page and Any Custom Post <= 3.5.5 - Authenticated (Contributor+) Post Disclosure via Post Duplication | binsaifullah | Duplicate Post, Page and Any Custom Post | Medium | 4.3 | 2025-01-07 03:22:00 | Deep Dive |
| CVE-2024-12098 | ARS Affiliate Page Plugin <= 2.0.2 - Reflected Cross-Site Scripting | arsdeveloper | ARS Affiliate Page Plugin | Medium | 6.1 | 2025-01-07 03:21:58 | Deep Dive |
| CVE-2024-37503 | WordPress Lawyer Landing Page theme <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerability | raratheme | Lawyer Landing Page | Medium | 4.3 | 2025-01-02 12:00:59 | Deep Dive |
| CVE-2024-37508 | WordPress Construction Landing Page theme <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability | raratheme | Construction Landing Page | Medium | 4.3 | 2025-01-02 12:00:59 | Deep Dive |
| CVE-2024-49686 | WordPress Landing Page Cat plugin <= 1.7.4 - Broken Access Control vulnerability | fatcatapps | Landing Page Cat | Medium | 5.4 | 2024-12-31 13:57:15 | Deep Dive |
| CVE-2024-12103 | Content No Cache: prevent specific content from being cached <= 0.1.2 - Unauthenticated Private Content Disclosure | giuse | Content No Cache | Serve uncached partial content even when you add it to a page that is fully cached. | Medium | 5.3 | 2024-12-24 09:21:50 | Deep Dive |
| CVE-2024-12594 | ALL In One Custom Login Page <= 7.1.1 - Missing Authorization to Authenticated (Subscriber+)Privilege Escalation | zia-imtiaz | Login Page Styler – Custom WordPress Login Page Customizer & Security | High | 8.8 | 2024-12-24 05:23:44 | Deep Dive |
| CVE-2024-10453 | Elementor Website Builder – More than Just a Page Builder <= 3.25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typography Settings | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2024-12-21 09:23:56 | Deep Dive |
| CVE-2024-11297 | Page Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.6 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | cyberlord92 | Page and Post Restriction | Medium | 5.3 | 2024-12-20 06:59:07 | Deep Dive |
| CVE-2024-11295 | Simple Page Access Restriction <= 1.0.29 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | pluginsandsnippets | Simple Page Access Restriction | Medium | 5.3 | 2024-12-18 07:02:46 | Deep Dive |
| CVE-2024-54382 | WordPress Bold Page Builder plugin <= 5.1.5 - Path Traversal vulnerability | boldthemes | Bold Page Builder | Medium | 4.9 | 2024-12-16 14:31:29 | Deep Dive |
| CVE-2024-54442 | WordPress Better WP Login Page plugin <= 1.1.2 - Stored Cross Site Scripting (XSS) vulnerability | cortesfrau | Better WP Login Page | Medium | 5.9 | 2024-12-16 14:14:16 | Deep Dive |
| CVE-2023-36526 | WordPress Duplicate Post Page Menu & Custom Post Type plugin <= 3.0.1 - Broken Access Control vulnerability | Attinder Singh | Duplicate Post Page Menu & Custom Post Type | Medium | 5.4 | 2024-12-13 14:23:44 | Deep Dive |