| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-22479 | WordPress Easy Post Submission plugin <= 2.4.0 - Broken Access Control vulnerability | ThemeRuby | Easy Post Submission | High | 7.5 | 2026-03-05 05:53:48 | Deep Dive |
| CVE-2026-2269 | Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload | uncannyowl | Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin | High | 7.2 | 2026-03-03 01:21:51 | Deep Dive |
| CVE-2025-68005 | WordPress Easy Hotel Booking plugin <= 1.9.2 - Broken Access Control vulnerability | themewant | Easy Hotel Booking | Medium | 6.5 | 2026-02-20 15:46:34 | Deep Dive |
| CVE-2025-53231 | WordPress Easy Taxonomy Images plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability | wpdevstudio | Easy Taxonomy Images | - | - | 2026-02-20 15:46:27 | Deep Dive |
| CVE-2026-25392 | WordPress Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress plugin <= 1.4.0 - Open Redirection vulnerability | KaizenCoders | Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress | Medium | 4.7 | 2026-02-19 08:27:03 | Deep Dive |
| CVE-2026-1373 | Easy Author Image <= 1.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Picture URL | lawsonry | Easy Author Image | Medium | 6.4 | 2026-02-19 04:36:27 | Deep Dive |
| CVE-2025-13738 | Easy Table of Contents <= 2.0.78 - Authenticated (Contributor+) Stored Cross-Site Scripting | magazine3 | Easy Table of Contents | Medium | 6.4 | 2026-02-19 04:36:15 | Deep Dive |
| CVE-2025-12451 | Easy SVG Support <= 4.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | benjamin_zekavica | Easy SVG Support | Medium | 4.4 | 2026-02-19 03:25:14 | Deep Dive |
| CVE-2026-1656 | Business Directory Plugin <= 6.4.20 - Missing Authorization to Unauthenticated Arbitrary Listing Modification | strategy11team | Business Directory Plugin – Easy Listing Directories for WordPress | Medium | 5.3 | 2026-02-18 08:26:05 | Deep Dive |
| CVE-2026-2576 | Business Directory Plugin <= 6.4.21 - Unauthenticated SQL Injection via payment Parameter | strategy11team | Business Directory Plugin – Easy Listing Directories for WordPress | High | 7.5 | 2026-02-18 04:35:46 | Deep Dive |
| CVE-2026-1277 | URL Shortify <= 1.12.1 - Unauthenticated Open Redirect via 'redirect_to' Parameter | kaizencoders | URL Shortify – Simple and Easy URL Shortener | Medium | 4.7 | 2026-02-18 04:35:45 | Deep Dive |
| CVE-2026-1164 | Easy Voice Mail <= 1.2.5 - Unauthenticated Stored Cross-Site Scripting via 'message' | phoenixstudiodz | Easy Voice Mail | Medium | 6.1 | 2026-02-14 04:35:42 | Deep Dive |
| CVE-2025-14067 | Easy Form Builder <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Form Response Data Exposure | hassantafreshi | Easy Form Builder by WhiteStudio — Drag & Drop Form Builder | Medium | 5.3 | 2026-02-14 03:25:28 | Deep Dive |
| CVE-2019-25273 | Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path | Easy-Hide-Ip | IP | High | 7.8 | 2026-02-04 23:15:51 | Deep Dive |
| CVE-2020-37087 | Easy Transfer 1.7 for iOS - Persistent Cross-Site Scripting | Rubikon Teknoloji | Easy Transfer | - | - | 2026-02-03 22:09:48 | Deep Dive |
| CVE-2020-37086 | Easy Transfer 1.7 for iOS - Directory Traversal | Rubikon Teknoloji | Easy Transfer | Medium | 6.2 | 2026-02-03 22:01:48 | Deep Dive |
| CVE-2021-47856 | Easy Cart Shopping Cart 2021 Cross-Site Scripting via Search Parameter | NetArt Media | Easy Cart Shopping Cart | Medium | 6.4 | 2026-02-01 12:15:46 | Deep Dive |
| CVE-2026-1298 | Easy Replace Image <= 3.5.2 - Missing Authorization to Authenticated (Contributor+) Arbitrary Attachment Replacement | iulia-cazan | Easy Replace Image | Medium | 4.3 | 2026-01-28 05:30:19 | Deep Dive |
| CVE-2025-8072 | Target Video Easy Publish <= 3.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder_img Parameter | nebojsadabic | Target Video Easy Publish | Medium | 6.4 | 2026-01-28 05:30:18 | Deep Dive |
| CVE-2020-36983 | Quick 'n Easy FTP Service 3.2 - Unquoted Service Path | Pablosoftwaresolutions | Quick 'n Easy FTP Service | High | 7.8 | 2026-01-27 18:52:03 | Deep Dive |