Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2023-2716	Groundhogg <= 2.7.9.8 - Missing Authorization to Non-Arbitrary File Upload	trainingbusinesspros	Groundhogg — CRM, Newsletters, and Marketing Automation	Medium	5.4	2023-05-20 02:03:22	Deep Dive
CVE-2023-2714	Groundhogg <= 2.7.9.8 - Missing Authorization to Update License	trainingbusinesspros	Groundhogg — CRM, Newsletters, and Marketing Automation	Medium	4.3	2023-05-20 02:03:20	Deep Dive
CVE-2023-2715	Groundhogg <= 2.7.9.8 - Missing Authorization to Admin Account and Ticket Creation	trainingbusinesspros	Groundhogg — CRM, Newsletters, and Marketing Automation	Medium	4.3	2023-05-20 02:03:19	Deep Dive
CVE-2023-30742	Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)	SAP_SE	SAP CRM (WebClient UI)	Medium	6.1	2023-05-09 01:35:18	Deep Dive
CVE-2023-29188	Cross-Site Scripting (XSS) vulnerability in SAP CRM WebClient UI	SAP_SE	SAP CRM WebClient UI	Medium	5.4	2023-05-09 00:57:57	Deep Dive
CVE-2022-44582	WordPress Apptivo Business Site CRM Plugin <= 3.0.12 is vulnerable to Cross Site Scripting (XSS)	Apptivo	Apptivo Business Site CRM	Medium	4.8	2023-04-23 08:55:27	Deep Dive
CVE-2023-29189	HTTP Verb Tampering vulnerability in SAP CRM (WebClient UI)	SAP	CRM (WebClient UI)	Medium	5.4	2023-04-11 03:11:31	Deep Dive
CVE-2023-27897	Code Injection vulnerability in SAP CRM	SAP	CRM	Medium	6.0	2023-04-11 02:50:01	Deep Dive
CVE-2023-1425	Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi	Unknown	WordPress CRM, Email & Marketing Automation for WordPress \| Award Winner — Groundhogg	高危	-	2023-04-10 13:17:57	Deep Dive
CVE-2023-1060	XSS in YKM CRM	YKM	YKM CRM	Medium	6.1	2023-03-31 09:02:04	Deep Dive
CVE-2023-24525	SAP CRM 跨站脚本漏洞	SAP	CRM (WebClient UI)	Medium	4.3	2023-02-14 03:18:24	Deep Dive
CVE-2022-38467	WordPress CRM Perks Forms Plugin <= 1.1.0 is vulnerable to Reflected Cross Site Scripting (XSS) vulnerability	CRM Perks	CRM Perks Forms – WordPress Form Builder	Medium	6.1	2023-01-14 10:14:12	Deep Dive
CVE-2022-4497	Jetpack CRM < 5.5 - Contributor+ Stored XSS	Unknown	Jetpack CRM	中危	-	2023-01-09 22:13:36	Deep Dive
CVE-2022-3919	Jetpack CRM < 5.4.3 - Admin+ Cross-Site Scripting	Unknown	Jetpack CRM	中危	-	2022-12-12 17:54:41	Deep Dive
CVE-2022-41978	WordPress Zoho CRM Lead Magnet plugin <= 1.7.5.8 - Auth. Arbitrary Options Update vulnerability	Zoho CRM	Zoho CRM Lead Magnet (WordPress plugin)	High	8.8	2022-11-09 15:46:23	Deep Dive
CVE-2022-35805	Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability	Microsoft	Microsoft Dynamics CRM (on-premises) 9.0	High	8.8	2022-09-13 18:41:50	Deep Dive
CVE-2022-34700	Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability	Microsoft	Microsoft Dynamics CRM (on-premises) 9.0	High	8.8	2022-09-13 18:41:32	Deep Dive
CVE-2022-1202	WP-CRM <= 1.2.1 - CSV Injection	Unknown	WP-CRM – Customer Relations Management for WordPress	高危	-	2022-06-13 12:41:41	Deep Dive
CVE-2022-1239	HubSpot < 8.8.15 - Contributor+ Blind SSRF	Unknown	HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics	高危	-	2022-05-02 16:05:49	Deep Dive
CVE-2021-39198	The disqualify lead action may be executed without CSRF token check	oroinc	crm	Medium	4.2	2021-11-19 21:30:09	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List