Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 1149 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-6562 affiliate-toolkit <= 3.5.5 - Unauthenticated Full Path Dislcosure cservitaffiliate-toolkit – Multi-Network Affiliate & Amazon Product Display Medium 5.3 2024-08-09 09:30:14 Deep Dive
CVE-2024-7548 LearnPress – WordPress LMS Plugin <= 4.2.6.9.3 - Authenticated (Contributor+) SQL Injection via order Parameter thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses High 8.8 2024-08-08 05:31:46 Deep Dive
CVE-2024-5668 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.28 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via HTML Data Attributes foopluginsLightbox & Modal Popup WordPress Plugin – FooBox Medium 6.4 2024-08-08 04:31:33 Deep Dive
CVE-2024-3238 WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion looks_awesomeWordPress Menu Plugin — Superfly Responsive Menu High 8.8 2024-08-02 06:41:38 Deep Dive
CVE-2024-2455 Element Pack - Addon for Elementor Page Builder WordPress Plugin <= 7.9.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via Wrapper Link URL BDThemesElement Pack Pro - Addon for Elementor Page Builder WordPress Plugin Medium 6.4 2024-08-01 12:43:27 Deep Dive
CVE-2024-6591 Ultimate WordPress Auction Plugin <= 4.2.7 - Missing Authorization to Unauthenticated Email Creation nitesh_singhUltimate WordPress Auction Plugin Medium 5.8 2024-07-27 01:51:03 Deep Dive
CVE-2024-6589 LearnPress <= 4.2.6.8.2 - Authenticated (Contributor+) Local File Inclusion thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses High 8.8 2024-07-25 10:59:52 Deep Dive
CVE-2024-5973 MasterStudy LMS < 3.3.24 - Privilege Escalation to Instructor UnknownMasterStudy LMS WordPress Plugin--2024-07-22 06:00:06 Deep Dive
CVE-2024-5004 CM Popup Plugin for WordPress < 1.6.6 - Contributor+ Stored XSS UnknownCM Popup Plugin for WordPress --2024-07-22 06:00:02 Deep Dive
CVE-2024-6559 XCloner <= 4.7.3 - Unauthenticated Full Path Disclosure watchfulBackup, Restore and Migrate your sites with XCloner Medium 5.3 2024-07-16 06:43:31 Deep Dive
CVE-2024-5028 CM WordPress Search And Replace Plugin < 1.3.9 - Plugin Reset via CSRF UnknownCM WordPress Search And Replace Plugin--2024-07-13 06:00:07 Deep Dive
CVE-2024-3026 WordPress Button Plugin MaxButtons < 9.7.8 - Editor+ Stored XSS UnknownWordPress Button Plugin MaxButtons--2024-07-13 06:00:04 Deep Dive
CVE-2024-6313 Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload nikolaystrikharGutenberg Forms – WordPress Form Builder Plugin Critical 9.8 2024-07-09 07:38:47 Deep Dive
CVE-2024-6099 LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Unauthenticated Bypass to User Registration thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-07-02 11:01:36 Deep Dive
CVE-2024-6088 LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Missing Authorization to Unauthenticated User Registration Bypass thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-07-02 11:01:35 Deep Dive
CVE-2024-4268 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple Blocks ultimateblocksUltimate Blocks – 25+ Gutenberg Blocks for Block Editor Medium 6.4 2024-07-02 11:01:35 Deep Dive
CVE-2024-3513 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via title tag attribute ultimateblocksUltimate Blocks – 25+ Gutenberg Blocks for Block Editor Medium 6.4 2024-07-02 07:37:04 Deep Dive
CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' stiofansislandUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP Critical 9.8 2024-06-29 04:33:28 Deep Dive
CVE-2022-45803 WordPress Gutenberg Forms plugin <= 2.2.8.3 - Auth. Broken Access Control vulnerability Nikolay StrikharWordPress Form Builder Plugin – Gutenberg Forms Medium 6.5 2024-06-21 13:35:51 Deep Dive
CVE-2024-35770 WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability Dave KissVimeography: Vimeo Video Gallery WordPress Plugin Medium 4.3 2024-06-21 13:10:24 Deep Dive