| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-45070 | WordPress Form Maker by 10Web Plugin <= 1.15.18 is vulnerable to Cross Site Scripting (XSS) | 10Web Form Builder Team | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder | High | 7.1 | 2023-10-18 12:34:30 | Deep Dive |
| CVE-2023-38000 | Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block | WordPress.org | WordPress | Medium | 6.5 | 2023-10-13 09:55:55 | Deep Dive |
| CVE-2023-45103 | WordPress Permalinks Customizer Plugin <= 2.8.2 is vulnerable to Cross Site Request Forgery (CSRF) | YAS Global Team | Permalinks Customizer | Medium | 4.3 | 2023-10-12 14:33:34 | Deep Dive |
| CVE-2023-41694 | WordPress Realbig Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF) | Realbig Team | Realbig For WordPress | Medium | 4.3 | 2023-10-10 07:36:23 | Deep Dive |
| CVE-2023-41801 | WordPress AWP Classifieds Plugin <= 4.3 is vulnerable to Cross Site Request Forgery (CSRF) | AWP Classifieds Team | Ad Directory & Listings by AWP Classifieds | Medium | 5.4 | 2023-10-06 14:48:04 | Deep Dive |
| CVE-2023-27448 | WordPress MakeStories (for Google Web Stories) Plugin <= 2.8.0 is vulnerable to Cross Site Request Forgery (CSRF) | MakeStories Team | MakeStories (for Google Web Stories) | Medium | 5.4 | 2023-10-06 12:54:48 | Deep Dive |
| CVE-2023-27433 | WordPress Make Paths Relative Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF) | YAS Global Team | Make Paths Relative | Medium | 5.4 | 2023-10-04 13:51:21 | Deep Dive |
| CVE-2023-39917 | WordPress Photo Gallery by Ays Plugin <= 5.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | Photo Gallery Team | Photo Gallery by Ays – Responsive Image Gallery | Medium | 4.3 | 2023-10-03 11:14:29 | Deep Dive |
| CVE-2023-44242 | WordPress Images Slideshow by 2J Plugin <= 1.3.54 is vulnerable to Cross Site Scripting (XSS) | 2J Slideshow Team | Slideshow, Image Slider by 2J | Medium | 6.5 | 2023-10-02 10:02:21 | Deep Dive |
| CVE-2023-39308 | WordPress User Feedback Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS) | UserFeedback Team | User Feedback | High | 7.1 | 2023-09-29 13:59:40 | Deep Dive |
| CVE-2023-41867 | WordPress AcyMailing SMTP Newsletter Plugin <= 8.6.2 is vulnerable to Cross Site Scripting (XSS) | AcyMailing Newsletter Team | AcyMailing | High | 7.1 | 2023-09-25 18:41:55 | Deep Dive |
| CVE-2023-41871 | WordPress Poll Maker Plugin <= 4.7.0 is vulnerable to Cross Site Scripting (XSS) | Poll Maker Team | Poll Maker | High | 7.1 | 2023-09-25 18:31:52 | Deep Dive |
| CVE-2023-31220 | WordPress WP Categories Widget Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) | WP-EXPERTS.IN TEAM | WP Categories Widget | High | 7.1 | 2023-09-04 10:24:37 | Deep Dive |
| CVE-2023-3636 | WP Project Manager <= 2.6.4 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | High | 8.8 | 2023-08-31 05:33:09 | Deep Dive |
| CVE-2023-32498 | WordPress Easy Form by AYS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) | Easy Form team | Easy Form by AYS | Medium | 5.9 | 2023-08-23 13:48:05 | Deep Dive |
| CVE-2023-32107 | WordPress Photo Gallery by Ays Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS) | Photo Gallery Team | Photo Gallery by Ays – Responsive Image Gallery | High | 7.1 | 2023-08-18 14:00:03 | Deep Dive |
| CVE-2023-38752 | JPCERT Coordination Center Special Interest Group Network for Analysis and Liaison 安全漏洞 | Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) | Special Interest Group Network for Analysis and Liaison | 中危 | - | 2023-08-09 03:29:52 | Deep Dive |
| CVE-2023-38751 | JPCERT Coordination Center Special Interest Group Network for Analysis and Liaison 安全漏洞 | Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) | Special Interest Group Network for Analysis and Liaison | 中危 | - | 2023-08-09 03:29:38 | Deep Dive |
| CVE-2023-37977 | WordPress WPFunnels Plugin <= 2.7.16 is vulnerable to Cross Site Scripting (XSS) | WPFunnels Team | Drag & Drop Sales Funnel Builder for WordPress – WPFunnels | High | 7.1 | 2023-07-27 14:16:11 | Deep Dive |
| CVE-2022-28737 | There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables | Red Hat Bootloader Team | shim | Medium | 6.5 | 2023-07-20 00:26:16 | Deep Dive |