Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2564 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata WP Cloud Plugins/_deleeuw_Use-your-Drive | Google Drive plugin for WordPress High 7.2 2025-08-05 06:39:49 Deep Dive
CVE-2025-8313 Campus Directory <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designCampus Directory – Faculty, Staff & Student Directory Plugin for WordPress Medium 6.4 2025-08-05 06:39:49 Deep Dive
CVE-2025-8315 WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designSimple Contact Form Plugin for WordPress – WP Easy Contact Medium 6.4 2025-08-05 06:39:48 Deep Dive
CVE-2025-6692 YouTube Embed <= 10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via instance Parameter hanucodesYouTube Embed – YouTube Gallery, Vimeo Gallery – WordPress Plugin Medium 6.4 2025-07-29 09:23:47 Deep Dive
CVE-2025-6991 Kallyas <= 4.21.0 - Authenticated (Contributor+) Local File Inclusion hogashKALLYAS - Creative eCommerce Multi-Purpose WordPress Theme High 7.5 2025-07-26 07:23:52 Deep Dive
CVE-2025-6989 Kallyas <= 4.21.0 - Authenticated (Contributor+) Arbitrary Folder Deletion hogashKALLYAS - Creative eCommerce Multi-Purpose WordPress Theme High 8.1 2025-07-26 07:23:52 Deep Dive
CVE-2025-8198 MinimogWP – The High Converting eCommerce WordPress Theme <= 3.9.0 - Unauthenticated Price Manipulation ThemeMoveMinimogWP – The High Converting eCommerce WordPress Theme High 7.5 2025-07-26 05:45:53 Deep Dive
CVE-2025-7959 Station Pro <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via width and height Parameters marviorochaStation Pro – Advanced Audio Streaming & Player for WordPress Medium 6.4 2025-07-24 09:22:23 Deep Dive
CVE-2025-8071 Mine CloudVod <= 2.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via audio Parameter 995525477-1Mine CloudVod LMS Medium 6.4 2025-07-24 09:22:17 Deep Dive
CVE-2025-8009 Security Ninja – Secure Firewall & Secure Malware Scanner - 5.201 - 5.242 - Authenticated (Administrator+) Arbitrary File Read cleverpluginsSecurity Ninja – WordPress Security Plugin & Firewall Medium 4.9 2025-07-24 07:22:13 Deep Dive
CVE-2025-41240 Mounted Kubernetes Secrets under a predictable path located within the web server document root VMwarebitnamicharts/appsmith Critical 10.0 2025-07-24 06:42:25 Deep Dive
CVE-2025-54352 WordPress 安全漏洞 WordPressWordPress Low 3.7 2025-07-21 00:00:00 Deep Dive
CVE-2015-10139 WPLMS Learning Management System for WordPress, WordPress LMS <= 1.8.4.1 - Privilege Escalation VibeThemesWPLMS Learning Management System for WordPress, WordPress LMS High 8.8 2025-07-19 11:23:37 Deep Dive
CVE-2025-5811 Listly: Listicles For WordPress <= 2.7 - Unauthenticated Arbitrary Transient Deletion milanmkListly: Listicles For WordPress Medium 5.3 2025-07-18 05:24:01 Deep Dive
CVE-2025-3740 School Management System for Wordpress <= 93.1.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update dasinfomediaSchool Management System for Wordpress High 8.8 2025-07-18 04:23:00 Deep Dive
CVE-2025-24759 WordPress WP-BusinessDirectory <= 3.1.5 - SQL Injection vulnerability CMSJunkie - WordPress Business Directory PluginsWP-BusinessDirectory Critical 9.3 2025-07-16 11:28:14 Deep Dive
CVE-2025-28955 WordPress Easy Video Player Wordpress & WooCommerce plugin <= 10.0 - Arbitrary File Download Vulnerability FWDesignEasy Video Player Wordpress & WooCommerce High 7.5 2025-07-16 11:28:13 Deep Dive
CVE-2025-31055 WordPress Electrician - Electrical Service WordPress theme <= 1.0 - Cross Site Scripting (XSS) Vulnerability vergathemeElectrician - Electrical Service WordPress High 7.1 2025-07-16 11:28:07 Deep Dive
CVE-2025-31422 WordPress Visual Art | Gallery WordPress Theme <= 2.4 - PHP Object Injection Vulnerability designthemesVisual Art | Gallery WordPress Theme High 8.8 2025-07-16 11:28:06 Deep Dive
CVE-2025-31072 WordPress Ofiz - Business Consulting Theme plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability designthemesOfiz - WordPress Business Consulting Theme High 7.1 2025-07-16 11:28:06 Deep Dive