| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-37483 | WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability | RadiusTheme | The Post Grid | Medium | 5.4 | 2024-11-01 14:18:15 | Deep Dive |
| CVE-2024-38719 | WordPress Auto Featured Image plugin <= 4.1.2 - Broken Access Control vulnerability | Creative Motion | Auto Featured Image (Auto Post Thumbnail) | Medium | 4.3 | 2024-11-01 14:18:06 | Deep Dive |
| CVE-2024-38727 | WordPress Seraphinite Post .DOCX Source plugin <= 2.16.9 - Broken Access Control vulnerability | Seraphinite Solutions | Seraphinite Post .DOCX Source | Medium | 4.3 | 2024-11-01 14:18:04 | Deep Dive |
| CVE-2024-10048 | Post Status Notifier Lite and Premium <= 1.11.6 - Reflected Cross-Site Scripting via page | ifeelweb | Post Status Notifier | Medium | 6.1 | 2024-10-29 08:31:18 | Deep Dive |
| CVE-2024-50432 | WordPress Post Grid and Gutenberg Blocks plugin <= 2.2.93 - Cross Site Scripting (XSS) vulnerability | PickPlugins | Post Grid and Gutenberg Blocks | Medium | 6.5 | 2024-10-28 18:17:12 | Deep Dive |
| CVE-2024-8392 | WordPress Post Grid Layouts with Pagination – Sogrid <= 1.5.6 - Authenticated (Admin+) Local File Inclusion | delabon | WordPress Post Grid Layouts with Pagination – Sogrid | High | 7.2 | 2024-10-26 08:36:02 | Deep Dive |
| CVE-2024-9607 | 10Web Social Post Feed <= 1.2.9 - Reflected Cross-Site Scripting | 10web | 10Web Social Post Feed | Medium | 6.1 | 2024-10-25 06:51:26 | Deep Dive |
| CVE-2024-9583 | RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging <= 4.23.12 - Missing Authorization | rebelcode | RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging | Medium | 4.3 | 2024-10-23 06:45:06 | Deep Dive |
| CVE-2024-49321 | WordPress Simple Custom Post Order plugin <= 2.5.7 - Broken Access Control vulnerability | colorlibplugins | Simple Custom Post Order | - | - | 2024-10-21 11:11:02 | Deep Dive |
| CVE-2024-49616 | WordPress Rate Own Post plugin <= 1.0 - SQL Injection vulnerability | nyasro | Rate Own Post | High | 8.5 | 2024-10-20 09:55:58 | Deep Dive |
| CVE-2024-49608 | WordPress GERRYWORKS Post by Mail plugin <= 1.0 - Privilege Escalation vulnerability | gerryworks | GERRYWORKS Post by Mail | High | 8.8 | 2024-10-20 08:53:37 | Deep Dive |
| CVE-2024-49239 | WordPress Add Categories Post Footer plugin <= 2.2.2 - Reflected Cross Site Scripting (XSS) vulnerability | nikhilvaghela | Add Categories Post Footer | Medium | - | 2024-10-18 09:46:05 | Deep Dive |
| CVE-2024-10078 | WP Easy Post Types <= 1.4.4 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions | chertz | WP Easy Post Types | Medium | 6.3 | 2024-10-18 07:35:27 | Deep Dive |
| CVE-2024-10079 | WP Easy Post Types <= 1.4.4 - Authenticated (Subscriber+) PHP Object Injection | chertz | WP Easy Post Types | High | 8.8 | 2024-10-18 07:35:26 | Deep Dive |
| CVE-2024-10080 | WP Easy Post Types <= 1.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta | chertz | WP Easy Post Types | Medium | 6.4 | 2024-10-18 07:35:25 | Deep Dive |
| CVE-2024-49313 | WordPress VKontakte Wall Post plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability | rudestan | VKontakte Wall Post | High | 7.1 | 2024-10-17 17:44:55 | Deep Dive |
| CVE-2016-15042 | Frontend File Manager < 4.0 & N-Media Post Front-end Form < 1.1 & - Arbitrary File Upload | nmedia | N-Media Post Front-end Form | Critical | 9.8 | 2024-10-16 07:31:50 | Deep Dive |
| CVE-2021-4450 | Post Grid <= 2.1.12 - Contributor+ SQL Injection | pickplugins | Post Grid | High | 8.8 | 2024-10-16 06:43:38 | Deep Dive |
| CVE-2016-15040 | Kento Post View Counter <= 2.8 - SQL Injection | - | Kento Post View Counter | Critical | 9.8 | 2024-10-16 06:43:32 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |