Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2025-13314	Product Filtering by Categories, Tags, Price Range for WooCommerce <= 1.1.6 - Missing Authorization to Unauthenticated Plugin Settings Modification	markutos987	Filter Plus – Product Filter & WordPress Filter	Medium	5.3	2025-12-12 03:20:57	Deep Dive
CVE-2025-13109	HUSKY – Products Filter Professional for WooCommerce <= 1.3.7.2 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_query/woof_remove_query'	realmag777	HUSKY – Products Filter Professional for WooCommerce	Medium	4.3	2025-12-03 12:29:56	Deep Dive
CVE-2025-11735	HUSKY – Products Filter Professional for WooCommerce <= 1.3.7.1 - Unauthenticated SQL Injection via `phrase` Parameter	realmag777	HUSKY – Products Filter Professional for WooCommerce	High	7.5	2025-10-28 05:27:30	Deep Dive
CVE-2025-8416	Product Filter by WBW <= 2.9.7 - Unauthenticated SQL Injection	woobewoo	Product Filter for WooCommerce by WBW	High	7.5	2025-10-25 06:49:25	Deep Dive
CVE-2025-11269	Product Filter by WBW <= 3.0.0 - Missing Authorization to Unauthenticated Settings Update	woobewoo	Product Filter for WooCommerce by WBW	Medium	5.3	2025-10-25 05:31:18	Deep Dive
CVE-2025-48099	WordPress Search & Filter plugin <= 1.2.17 - Cross Site Request Forgery (CSRF) to Open Redirect vulnerability	Code Amp	Search & Filter	-	-	2025-10-22 14:32:07	Deep Dive
CVE-2025-59583	WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability	PenciDesign	Penci Filter Everything	Medium	6.5	2025-09-22 18:25:52	Deep Dive
CVE-2025-8722	Content Views <= 4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Grid and List Widgets	pt-guy	Content Views – Post Grid & Filter, Recent Posts, Category Posts … (Shortcode, Gutenberg Blocks, and Widgets for Elementor)	Medium	6.4	2025-09-06 03:22:35	Deep Dive
CVE-2025-48354	WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability	WP Smart Widgets	Better Post & Filter Widgets for Elementor	Medium	6.5	2025-08-28 12:37:06	Deep Dive
CVE-2025-39496	WordPress WooBeWoo Product Filter Pro plugin < 2.9.6 - SQL Injection vulnerability	WBW	WooBeWoo Product Filter Pro	Critical	9.3	2025-08-28 11:41:44	Deep Dive
CVE-2025-7956	Ajax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler	wpdreams	Ajax Search Lite – Live Search & Filter	Medium	5.3	2025-08-28 05:24:52	Deep Dive
CVE-2025-57846	Digital Arts i-FILTER 安全漏洞	Digital Arts Inc.	i-フィルター 6.0	高危	-	2025-08-27 05:28:43	Deep Dive
CVE-2025-7828	WP Filter & Combine RSS Feeds <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion	evigeo	WP Filter & Combine RSS Feeds	Medium	4.3	2025-08-23 04:25:48	Deep Dive
CVE-2025-5084	Post Grid Master <= 3.4.13 - Reflected Cross-Site Scripting via argsArray['read_more_text']	mdshuvo	Post Grid Master — Post Grids & AJAX Filters	Medium	6.1	2025-07-24 09:22:15	Deep Dive
CVE-2025-47149	Digital Arts i-FILTER 安全漏洞	Digital Arts Inc.	i-FILTER	-	-	2025-05-23 09:09:37	Deep Dive
CVE-2024-7487	Improper Authentication in WSO2 Identity Server 7.0.0 Allows Bypass of App-Native Authentication	WSO2	WSO2 Identity Server	Medium	5.8	2025-05-22 19:03:13	Deep Dive
CVE-2024-9645	Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS	Unknown	Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry	-	-	2025-05-15 20:07:22	Deep Dive
CVE-2025-47705	IFrame Remove Filter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-051	Drupal	IFrame Remove Filter	-	-	2025-05-14 17:02:25	Deep Dive
CVE-2025-46524	WordPress WP Filter Post Category plugin <= 2.1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability	stesvis	WP Filter Post Category	High	7.1	2025-04-24 16:08:59	Deep Dive
CVE-2025-46252	WordPress Message Filter for Contact Form 7 plugin <= 1.6.3.2 - SQL Injection vulnerability	Kofi Mokome	Message Filter for Contact Form 7	High	7.6	2025-04-22 09:53:35	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List