Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 55 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-2840 Enhanced Media Library <= 2.8.9 - Authenticated (Author+) Stored Cross-Site Scripting webbistroEnhanced Media Library Medium 5.4 2024-05-02 16:51:49 Deep Dive
CVE-2024-27969 WordPress Free Downloads WooCommerce plugin <= 3.5.8.2 - Cross Site Scripting (XSS) vulnerability WP EnhancedFree Downloads WooCommerce Medium 6.5 2024-03-21 15:27:01 Deep Dive
CVE-2024-0559 Enhanced Text Widget < 1.6.6 - Admin+ Stored XSS UnknownEnhanced Text Widget--2024-03-11 17:56:05 Deep Dive
CVE-2024-22250 Session Hijack Vulnerability in Deprecated EAP Browser Plugin VMwareVMware Enhanced Authentication Plug-in (EAP) High 7.8 2024-02-20 17:35:23 Deep Dive
CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin VMwareVMware Enhanced Authentication Plug-in (EAP) Critical 9.6 2024-02-20 17:35:09 Deep Dive
CVE-2023-51674 WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Cross Site Scripting (XSS) AAMAdvanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More Medium 6.5 2024-02-01 10:22:56 Deep Dive
CVE-2023-51675 WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Open Redirection AAMAdvanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More Medium 4.7 2023-12-29 13:57:17 Deep Dive
CVE-2023-50881 WordPress Advanced Access Manager Plugin <= 6.9.15 is vulnerable to Cross Site Scripting (XSS) AAMAdvanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More Medium 6.5 2023-12-29 11:26:12 Deep Dive
CVE-2023-28618 WordPress Enhanced Plugin Admin Plugin <= 1.16 is vulnerable to Cross Site Request Forgery (CSRF) Marios AlexandrouEnhanced Plugin Admin Medium 5.4 2023-11-12 21:51:20 Deep Dive
CVE-2022-4290 Cyr to Lat <= 3.5 - Authenticated SQL Injection ivijanstefanCyr to Lat Enhanced High 8.8 2023-10-20 07:29:31 Deep Dive
CVE-2023-40561 Enhanced Ecommerce Google Analytics for WooCommerce theDotstoreEnhanced Ecommerce Google Analytics for WooCommerce Medium 5.4 2023-10-04 13:55:25 Deep Dive
CVE-2023-0958 Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function inisevRedirection Medium 4.3 2023-07-28 04:37:04 Deep Dive
CVE-2023-3977 Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function inisevRedirection Medium 4.3 2023-07-28 04:37:03 Deep Dive
CVE-2023-2746 Rockwell Automation Enhanced HIM Vulnerable to Cross-Site Request Forgery Attack Rockwell AutomationEnhanced HIM Critical 9.6 2023-07-11 13:15:04 Deep Dive
CVE-2023-23812 WordPress Enhanced WP Contact Form Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS) Joost de ValkEnhanced WP Contact Form Medium 5.9 2023-05-10 07:38:58 Deep Dive
CVE-2022-28816 Reflected XSS in Carlo Gavazzi UWP 3.0 Carlo GavazziUWP 3.0 Monitoring Gateway and Controller Medium 6.1 2022-09-28 13:45:37 Deep Dive
CVE-2022-28815 SQL-Injection in Carlo Gavazzi UWP 3.0 Sentilo Proxy Carlo GavazziUWP 3.0 Monitoring Gateway and Controller Low 2.7 2022-09-28 13:45:36 Deep Dive
CVE-2022-28814 Path traversal in Carlo Gavazzi UWP 3.0 could lead to full device access Carlo GavazziUWP 3.0 Monitoring Gateway and Controller Critical 9.8 2022-09-28 13:45:35 Deep Dive
CVE-2022-28812 Use of Hard-coded Credentials in UWP3.0 allows SuperUser authentication bypass in Car Park Server. Carlo GavazziUWP 3.0 Monitoring Gateway and Controller Critical 9.8 2022-09-28 13:45:33 Deep Dive
CVE-2022-28811 Possible command injection in Car Park Server in Carlo Gavazzi UWP3.0 Carlo GavazziUWP 3.0 Monitoring Gateway and Controller Critical 9.8 2022-09-28 13:45:32 Deep Dive