| CVE-2024-4133 | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup <= 4.0.30 - Open Redirect | reputeinfosystems | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | Medium | 6.1 | 2024-05-02 16:52:18 | Deep Dive |
| CVE-2024-2867 | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-05-02 16:52:05 | Deep Dive |
| CVE-2024-33587 | WordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerability | Copy Content Protection Team | Secure Copy Content Protection and Content Locking | Medium | 5.3 | 2024-04-29 12:40:47 | Deep Dive |
| CVE-2024-3929 | Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Post Overlay | pt-guy | Content Views – Post Grid & Filter, Recent Posts, Category Posts … (Shortcode, Gutenberg Blocks, and Widgets for Elementor) | Medium | 6.4 | 2024-04-25 07:33:58 | Deep Dive |
| CVE-2024-32723 | WordPress Advanced Floating Content plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability | Code Tides | Advanced Floating Content | Medium | 5.9 | 2024-04-24 10:06:46 | Deep Dive |
| CVE-2024-32585 | WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability | extendWP | Import Content in WordPress & WooCommerce with Excel | High | 7.1 | 2024-04-18 09:12:49 | Deep Dive |
| CVE-2024-32599 | WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability | Deepak anand | WP Dummy Content Generator | Critical | 10.0 | 2024-04-18 08:24:12 | Deep Dive |
| CVE-2024-31432 | WordPress Restrict Content plugin <= 3.2.8 - Broken Access Control vulnerability | StellarWP | Restrict Content | Medium | 5.3 | 2024-04-15 09:31:09 | Deep Dive |
| CVE-2024-32094 | WordPress Church Content plugin <= 2.6 - Cross Site Request Forgery (CSRF) vulnerability | ChurchThemes | Church Content – Sermons, Events and More | Medium | 4.3 | 2024-04-15 08:58:13 | Deep Dive |
| CVE-2024-3210 | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'reg-single-checkbox' | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-04-10 05:32:23 | Deep Dive |
| CVE-2022-4965 | Invitation Code Content Restriction Plugin from CreativeMinds <= 1.5.4 - Reflected Cross-Site Scripting | CreativeMinds | Invitation Code Content Restriction Plugin from CreativeMinds | Medium | 6.1 | 2024-04-09 19:05:07 | Deep Dive |
| CVE-2023-6999 | Pods - Custom Content Types and Fields - Authenticated (Contributor+) Remote Code Execution | sc0ttkclark | Pods – Custom Content Types and Fields | High | 8.8 | 2024-04-09 18:59:26 | Deep Dive |
| CVE-2023-6965 | Pods - Custom Content Types and Fields - Missing Authorization | sc0ttkclark | Pods – Custom Content Types and Fields | Medium | 4.3 | 2024-04-09 18:59:21 | Deep Dive |
| CVE-2024-2026 | Passster <= 4.2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via content_protector Shortcode | wpchill | Passster – Password Protect Pages and Content | Medium | 6.4 | 2024-04-09 18:59:04 | Deep Dive |
| CVE-2024-0899 | s2Member – Best Membership Plugin for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions <= 230815 - Information Exposure | clavaque | s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions | Medium | 5.3 | 2024-04-09 18:59:03 | Deep Dive |
| CVE-2024-0588 | Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 4.3 | 2024-04-09 18:58:55 | Deep Dive |
| CVE-2023-6967 | Pods - Custom Content Types and Fields - Authenticated (Contributor+) SQL Injection via Shortcode | sc0ttkclark | Pods – Custom Content Types and Fields | High | 8.8 | 2024-04-09 18:58:35 | Deep Dive |
| CVE-2024-30531 | WordPress Nelio Content plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability | Nelio Software | Nelio Content | Medium | 4.9 | 2024-04-02 18:42:11 | Deep Dive |
| CVE-2024-30500 | WordPress CubeWP plugin <= 1.1.12 - Arbitrary File Upload vulnerability | CubeWP | CubeWP – All-in-One Dynamic Content Framework | Critical | 9.9 | 2024-03-29 13:35:06 | Deep Dive |
| CVE-2024-24805 | WordPress WP Dummy Content Generator plugin <= 3.1.2 - Broken Access Control vulnerability | Deepak anand | WP Dummy Content Generator | Medium | 4.3 | 2024-03-26 09:07:33 | Deep Dive |