| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6689 | FL3R Accessibility Suite <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via fl3raccessibilitysuite Shortcode | armandofiore | FL3R Accessibility Suite | Medium | 6.4 | 2025-06-27 07:22:21 | Deep Dive |
| CVE-2025-30636 | WordPress Accessibility Suite plugin <= 4.19 - Broken Access Control Vulnerability | Ability, Inc | Accessibility Suite | Medium | 5.4 | 2025-06-06 12:54:21 | Deep Dive |
| CVE-2025-47681 | WordPress Web Accessibility with Max Access plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) Vulnerability | Ability, Inc | Web Accessibility with Max Access | Medium | 4.3 | 2025-05-07 14:20:54 | Deep Dive |
| CVE-2025-32650 | WordPress Accessibility Suite by Ability, Inc plugin <= 4.18 - SQL Injection vulnerability | Ability, Inc | Accessibility Suite | High | 8.5 | 2025-04-11 08:43:02 | Deep Dive |
| CVE-2025-32215 | WordPress Accessibility Suite plugin <= 4.18 - Arbitrary File Upload vulnerability | Ability, Inc | Accessibility Suite | Medium | 6.5 | 2025-04-10 08:09:46 | Deep Dive |
| CVE-2025-30623 | WordPress wA11y – The Web Accessibility Toolbox plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability | Rachel Cherry | wA11y – The Web Accessibility Toolbox | Medium | 5.9 | 2025-03-24 13:47:34 | Deep Dive |
| CVE-2025-26981 | WordPress Web Accessibility By accessiBe plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability | accessiBe | Web Accessibility By accessiBe | High | 7.1 | 2025-02-25 14:17:59 | Deep Dive |
| CVE-2025-22698 | WordPress Accessibility Suite by Ability, Inc plugin <= 4.18 - Multiple Broken Access Control vulnerability | Ability, Inc | Accessibility Suite | 中危 | - | 2025-02-14 12:45:33 | Deep Dive |
| CVE-2025-23725 | WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability | pshikli | Accessibility Task Manager | High | 7.1 | 2025-01-23 15:29:42 | Deep Dive |
| CVE-2024-49644 | WordPress Accessibility by AllAccessible plugin <= 1.3.4 - Privilege Escalation vulnerability | AllAccessible | Accessibility by AllAccessible | High | 8.8 | 2025-01-07 10:49:32 | Deep Dive |
| CVE-2024-9208 | Enable Accessibility <= 1.4.1 - Reflected Cross-Site Scripting | upress | Enable Accessibility | Medium | 6.1 | 2025-01-07 04:22:21 | Deep Dive |
| CVE-2023-41869 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.4 - Broken Access Control vulnerability | Alex Volkov | WP Accessibility Helper (WAH) | Medium | 4.3 | 2024-12-13 14:24:23 | Deep Dive |
| CVE-2024-11643 | Accessibility by AllAccessible <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Update | allaccessible | Accessibility by AllAccessible | High | 8.8 | 2024-12-04 15:22:21 | Deep Dive |
| CVE-2024-37926 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.9 - Broken Access Control vulnerability | Alex Volkov | WP Accessibility Helper (WAH) | Medium | 5.3 | 2024-11-01 14:18:11 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-5987 | WP Accessibility Helper <= 0.6.2.8 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update | vol4ikman | WP Accessibility Helper (WAH) | Medium | 5.4 | 2024-08-29 05:30:57 | Deep Dive |
| CVE-2024-31423 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.5 - Broken Access Control vulnerability | Alex Volkov | WP Accessibility Helper (WAH) | Medium | 4.3 | 2024-06-09 17:15:41 | Deep Dive |
| CVE-2024-5449 | WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing <= 5.0.4 - Missing Authorization | wppool | WP Dark Mode – Improve Accessibility with AI Powered Dark Theme | Medium | 4.3 | 2024-06-06 03:32:55 | Deep Dive |
| CVE-2024-4847 | Alt Text AI – Automatically generate image alt text for SEO and accessibility <= 1.4.9 - Authenticated (Subscriber+) SQL Injection | alttextai | Alt Text AI – Automatically generate image alt text for SEO and accessibility | High | 8.8 | 2024-05-15 01:56:54 | Deep Dive |
| CVE-2024-32831 | WordPress Accessibility Widget plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability | Lorna Timbah (webgrrrl) | Accessibility Widget | Medium | 6.5 | 2024-05-03 07:23:28 | Deep Dive |