Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 186 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-14071 Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) PHP Object Injection via dslc_module_posts_output Shortcode livecomposerLive Composer – Free WordPress Website Builder High 7.5 2025-12-21 02:20:31 Deep Dive
CVE-2025-13537 Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting livecomposerLive Composer – Free WordPress Website Builder Medium 6.4 2025-12-17 18:21:35 Deep Dive
CVE-2025-14154 Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting wordplusBetter Messages – Live Chat, Chat Rooms, Real-Time Messaging & Private Messages Medium 6.1 2025-12-17 05:24:55 Deep Dive
CVE-2025-59374 ASUS Live Update 安全漏洞 ASUSlive update--2025-12-17 04:27:07 Deep Dive
CVE-2024-2104 JBL: Improper BLE security configurations and lack of authentication on the device's GATT server JBLLIVE PRO 2 TWS High 8.8 2025-12-10 12:56:15 Deep Dive
CVE-2025-13137 Live Sales Notification for Woocommerce – Woomotiv <= 3.6.3 - Reflected Cross-Site Scripting delabonLive Sales Notification for Woocommerce – Woomotiv Medium 6.1 2025-12-06 05:49:22 Deep Dive
CVE-2025-12354 Live CSS Preview <= 2.1.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update dojodigitalLive CSS Preview Medium 4.3 2025-12-05 06:07:19 Deep Dive
CVE-2025-12751 WSChat – WordPress Live Chat <= 3.1.6 - Missing Authorization to Authenticated (Subscriber+) Settings Reset elextensionsWSChat – WordPress Live Chat Medium 4.3 2025-11-19 05:45:11 Deep Dive
CVE-2025-12955 Live sales notification for WooCommerce <= 2.3.39 - Missing Authorization to Unauthenticated Customer Data Exposure rajeshsingh520PiWeb Live sales notification for WooCommerce High 7.5 2025-11-18 09:27:37 Deep Dive
CVE-2025-12651 Live Photos on WordPress <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode eggemploLive Photos on WordPress Medium 6.4 2025-11-11 03:30:53 Deep Dive
CVE-2025-11829 Five9 Live Chat <= 1.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting five9Five9 Live Chat Medium 6.4 2025-11-11 03:30:35 Deep Dive
CVE-2025-11576 AI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant <= 1.6.5 - Unauthenticated CSV Injection newcodebyteAI Chatbot Free Models – Customer Support, Live Chat, Virtual Assistant Medium 4.3 2025-10-24 12:29:57 Deep Dive
CVE-2025-8349 Cross-Site Scripting (XSS) stored in Tawk Live Chat TawkLive Chat--2025-10-20 09:56:04 Deep Dive
CVE-2025-10129 WordPress Live Webcam Widget & Shortcode <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting mikscoWordPress Live Webcam Widget & Shortcode Medium 6.4 2025-10-11 09:28:42 Deep Dive
CVE-2025-57912 WordPress Dialogity Free Live Chat plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability dialogityDialogity Free Live Chat Medium 5.9 2025-09-22 18:25:19 Deep Dive
CVE-2025-58688 WordPress Casengo Live Chat Support Plugin <= 2.1.4 - Cross Site Request Forgery (CSRF) Vulnerability CasengoCasengo Live Chat Support High 7.1 2025-09-22 18:22:42 Deep Dive
CVE-2025-58626 WordPress RumbleTalk Live Group Chat Plugin <= 6.3.5 - Cross Site Scripting (XSS) Vulnerability RumbleTalkRumbleTalk Live Group Chat Medium 6.5 2025-09-03 14:36:53 Deep Dive
CVE-2025-7956 Ajax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler wpdreamsAjax Search Lite – Live Search & Filter Medium 5.3 2025-08-28 05:24:52 Deep Dive
CVE-2025-6441 Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition <= 4.03.32 - Unauthenticated Login Token Generation to Authentication Bypass tobias_conradWebinarIgnition – Live, Automated & Evergreen Webinars for WooCommerce Critical 9.8 2025-07-24 09:22:17 Deep Dive
CVE-2025-7655 Live Stream Badger <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting tkrivickasLive Stream Badger Medium 6.4 2025-07-19 02:22:57 Deep Dive