Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2564 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-58632 WordPress Dadevarzan WordPress Common Plugin <= 2.2.2 - Cross Site Scripting (XSS) Vulnerability DadevarzanDadevarzan WordPress Common Medium 6.5 2025-09-03 14:36:55 Deep Dive
CVE-2025-58621 WordPress PuzzleMe for WordPress Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability Amuse LabsPuzzleMe for WordPress Medium 6.5 2025-09-03 14:36:50 Deep Dive
CVE-2025-9500 TablePress <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter tobiasbgTablePress – Tables in WordPress made easy Medium 6.4 2025-08-30 04:25:06 Deep Dive
CVE-2025-4956 WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 - Path Traversal Vulnerability AA-TeamPro Bulk Watermark Plugin for WordPress Medium 4.3 2025-08-30 01:49:20 Deep Dive
CVE-2025-53243 WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability emarket-designEmployee Directory – Staff Listing &amp; Team Directory Plugin for WordPress High 8.1 2025-08-28 12:37:23 Deep Dive
CVE-2025-49405 WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 - Path Traversal Vulnerability FavethemesPro Bulk Watermark Plugin for WordPress Medium 4.3 2025-08-28 12:37:16 Deep Dive
CVE-2025-48353 WordPress Clickbank WordPress Plugin (Niche Storefront) plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability dactumClickbank WordPress Plugin (Niche Storefront) High 7.1 2025-08-28 12:37:05 Deep Dive
CVE-2025-48347 WordPress bxSlider integration for WordPress plugin <= 1.7.2 - Cross Site Scripting (XSS) vulnerability Vincent Mimoun-PratbxSlider integration for WordPress Medium 6.5 2025-08-28 12:37:02 Deep Dive
CVE-2025-48315 WordPress WordPress HTML plugin <= 0.51 - Cross Site Scripting (XSS) vulnerability stanton119WordPress HTML Medium 6.5 2025-08-28 12:36:54 Deep Dive
CVE-2025-0951 LiquidThemes Themes <= Various Versions - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated LiquidThemesAI Hub - Startup & Technology WordPress Theme Medium 4.3 2025-08-28 03:42:43 Deep Dive
CVE-2025-8897 Beaver Builder Plugin (Lite Version) <= 2.9.2.1 - Reflected Cross-Site Scripting beaverbuilderBeaver Builder Page Builder – Drag and Drop Website Builder Medium 6.1 2025-08-28 01:46:30 Deep Dive
CVE-2025-6247 WordPress Automatic Plugin - AI content generator and auto poster plugin <= 3.118.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting ValvePressWordPress Automatic Plugin Medium 4.7 2025-08-26 09:06:08 Deep Dive
CVE-2024-8860 Tourfic <= 2.14.5 - Missing Authorization in Multiple Functions themeficTourfic – Travel Booking, Hotel Booking & Car Rental WordPress Plugin Medium 4.3 2025-08-26 07:06:04 Deep Dive
CVE-2025-7841 Sertifier Certificate & Badge Maker for WordPress – Tutor LMS <= 1.19 - Cross-Site Request Forgery to Settings Update sertifierSertifier Certificate & Badge Maker for WordPress – Tutor LMS Medium 4.3 2025-08-23 04:25:49 Deep Dive
CVE-2025-8895 WP Webhooks <= 3.3.5 - Unauthenticated Arbitrary File Copy cozmoslabsWP Webhooks – Automate repetitive tasks by creating powerful automation workflows directly within WordPress Critical 9.8 2025-08-21 07:26:36 Deep Dive
CVE-2025-49382 WordPress JobZilla - Job Board WordPress Theme Theme <= 2.0 - Cross Site Request Forgery (CSRF) Vulnerability DexignZoneJobZilla - Job Board WordPress Theme High 8.8 2025-08-20 08:03:55 Deep Dive
CVE-2025-49408 WordPress Premium Age Verification / Restriction for WordPress Plugin <= 3.0.2 - Arbitrary File Upload Vulnerability WPDeveloperPremium Age Verification / Restriction for WordPress Critical 10.0 2025-08-20 08:03:49 Deep Dive
CVE-2025-49406 WordPress Premium Age Verification / Restriction for WordPress Plugin <= 3.0.2 - SQL Injection Vulnerability favethemesPremium Age Verification / Restriction for WordPress High 8.5 2025-08-20 08:03:49 Deep Dive
CVE-2025-49411 WordPress FAQ Revolution - WordPress Plugin <= 1.5.0 - Cross Site Scripting (XSS) Vulnerability Vikas SharmaFAQ Revolution - WordPress Plugin High 7.1 2025-08-20 08:03:45 Deep Dive
CVE-2025-54677 WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.5.3 - Arbitrary File Upload Vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Critical 9.1 2025-08-20 08:02:52 Deep Dive