Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 1149 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-4742 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.2.5 - Authenticated (Contributor+) SQL Injection youzifyYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress Medium 6.5 2024-06-20 02:08:20 Deep Dive
CVE-2023-6692 Ultimate Blocks – WordPress Blocks Plugin <= 3.0.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via metabox ultimateblocksUltimate Blocks – 25+ Gutenberg Blocks for Block Editor Medium 6.4 2024-06-19 05:37:44 Deep Dive
CVE-2024-3276 FooBox (Free and Premium) < 2.7.28 - Admin+ Stored XSS UnknownLightbox & Modal Popup WordPress Plugin --2024-06-18 06:00:02 Deep Dive
CVE-2023-5527 Business Directory Plugin <= 6.4.3 - Authenticated (Author+) CSV Injection strategy11teamBusiness Directory Plugin – Easy Listing Directories for WordPress High 7.4 2024-06-18 05:38:14 Deep Dive
CVE-2024-1634 Scheduling Plugin – Online Booking for WordPress <= 3.5.10 - Missing Authorization to Unauthenticated Service Disconnection startbookingScheduling Plugin – Online Booking for WordPress Medium 6.5 2024-06-18 02:37:13 Deep Dive
CVE-2024-4305 PostX < 4.1.0 - Contributor+ Stored XSS UnknownPost Grid Gutenberg Blocks and WordPress Blog Plugin --2024-06-17 06:00:01 Deep Dive
CVE-2024-5551 WP STAGING PRO - Backup Duplicator & Migration <= 5.6.0 - Cross-Site Request Forgery to Limited Local File Inclusion WPStagingWP STAGING Pro WordPress Backup Plugin High 7.5 2024-06-14 05:39:14 Deep Dive
CVE-2024-3073 Easy WP SMTP by SendLayer <= 2.3.0 - Exposure of Sensitive Information via the UI smubEasy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and more Low 2.7 2024-06-13 08:31:31 Deep Dive
CVE-2024-5468 WordPress Header Builder Plugin – Pearl <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion stylemixPearl – Header Builder Medium 6.5 2024-06-12 08:33:20 Deep Dive
CVE-2024-0427 Arforms < 6.4.1 - Reflected XSS UnknownARForms - Premium WordPress Form Builder Plugin--2024-06-12 06:00:02 Deep Dive
CVE-2024-5584 WordPress Online Booking and Scheduling Plugin – Bookly <= 23.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Color Profile Parameter ladelaOnline Scheduling and Appointment Booking System – Bookly Medium 6.4 2024-06-11 09:32:03 Deep Dive
CVE-2024-4621 ArForms < 6.6 - Admin+ Stored XSS UnknownARForms - Premium WordPress Form Builder Plugin 中危 -2024-06-07 06:00:03 Deep Dive
CVE-2024-4620 ArForms < 6.6 - Unauthenticated RCE UnknownARForms - Premium WordPress Form Builder Plugin 中危 -2024-06-07 06:00:02 Deep Dive
CVE-2024-5449 WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing <= 5.0.4 - Missing Authorization wppoolWP Dark Mode – Improve Accessibility with AI Powered Dark Theme Medium 4.3 2024-06-06 03:32:55 Deep Dive
CVE-2024-5483 LearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-06-05 02:34:31 Deep Dive
CVE-2024-3820 wpDataTables - Tables & Table Charts (Premium) <= 6.3.1 - Unauthenticated SQL Injection WPDataTableswpDataTables (Premium) Critical 10.0 2024-06-01 08:38:58 Deep Dive
CVE-2024-3821 wpDataTables - Tables & Table Charts (Premium) <= 6.3.2 - Missing Authorization to DataTable Access & Modification wpdatatableswpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin High 7.3 2024-06-01 08:38:56 Deep Dive
CVE-2024-4958 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.2.0.1 - Missing Authorization to Privilege Escalation wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder High 7.1 2024-06-01 07:35:57 Deep Dive
CVE-2024-4469 Migration Backup Restore < 3.5.0 - Admin+ SSRF UnknownWP STAGING WordPress Backup Plugin 中危 -2024-05-31 06:00:02 Deep Dive
CVE-2024-5326 Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.1.2 - Missing Authorization to Arbitrary Options Update wpxpoPost Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX High 8.8 2024-05-30 10:59:29 Deep Dive