| CVE-2025-2342 | IROAD X5 Mobile App API Endpoint hard-coded credentials | IROAD | X5 Mobile App | Medium | 5.3 | 2025-03-16 16:00:08 | Deep Dive |
| CVE-2025-1561 | AppPresser – Mobile App Framework <= 4.4.10 - Unauthenticated Stored Cross-Site Scripting | scottopolis | AppPresser – Mobile App Framework | High | 7.2 | 2025-03-13 04:21:05 | Deep Dive |
| CVE-2024-13844 | Post SMTP <= 3.1.2 - Authenticated (Administrator+) SQL Injection via columns Parameter | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | Medium | 4.9 | 2025-03-08 05:30:08 | Deep Dive |
| CVE-2025-0521 | Post SMTP <= 3.0.2 - Unauthenticated Stored Cross-Site Scripting | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | High | 7.2 | 2025-02-18 11:10:19 | Deep Dive |
| CVE-2024-12651 | Sensitive Data Exposure in PTT Inc.'s HGS Mobile App | PTT Inc. | HGS Mobile App | High | 8.5 | 2025-02-14 13:24:14 | Deep Dive |
| CVE-2024-12420 | WPMobile.App — Android and iOS Mobile Application <= 11.52 - Unauthenticated Arbitrary Shortcode Execution | amauric | WPMobile.App | Medium | 6.5 | 2024-12-13 08:24:49 | Deep Dive |
| CVE-2024-11024 | AppPresser – Mobile App Framework <= 4.4.6 - Unauthenticated Privilege Escalation via Password Reset | scottopolis | AppPresser – Mobile App Framework | Critical | 9.8 | 2024-11-26 11:04:30 | Deep Dive |
| CVE-2024-50528 | WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Sensitive Data Exposure vulnerability | Stacks | Stacks Mobile App Builder | High | 7.5 | 2024-11-04 14:07:19 | Deep Dive |
| CVE-2024-50527 | WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Arbitrary File Upload vulnerability | Stacks | Stacks Mobile App Builder | Critical | 10.0 | 2024-11-04 13:42:39 | Deep Dive |
| CVE-2024-50477 | WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Account Takeover vulnerability | Stacks | Stacks Mobile App Builder | Critical | 9.8 | 2024-10-28 11:23:07 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9873 | Community by PeepSo <= 6.4.6.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 5.4 | 2024-10-16 05:31:56 | Deep Dive |
| CVE-2024-9305 | AppPresser – Mobile App Framework <= 4.4.4 - Privilege Escalation and Account Takeover via Weak OTP | scottopolis | AppPresser – Mobile App Framework | High | 8.1 | 2024-10-16 02:05:05 | Deep Dive |
| CVE-2024-7426 | Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.6.0 - Unauthenticated Full Path Disclosure | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 5.3 | 2024-09-25 02:05:05 | Deep Dive |
| CVE-2024-7618 | Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via content Parameter | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 4.4 | 2024-09-10 07:30:04 | Deep Dive |
| CVE-2024-7655 | Community by PeepSo – Social Network, Membership, Registration, User Profiles <= 6.4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting | peepso | Community by PeepSo – Download from PeepSo.com | Medium | 4.4 | 2024-09-10 07:30:04 | Deep Dive |
| CVE-2024-5207 | POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3 - Authenticated (Administrator+) SQL Injection | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | High | 7.2 | 2024-05-30 05:33:15 | Deep Dive |
| CVE-2024-4611 | AppPresser <= 4.3.2 - Improper Missing Encryption Exception Handling to Authentication Bypass | scottopolis | AppPresser – Mobile App Framework | High | 8.1 | 2024-05-29 04:30:14 | Deep Dive |
| CVE-2023-6255 | Hardcoded Credentals in SoliClub Mobile App | Utarit Information Technologies | SoliPay Mobile App | High | 7.5 | 2024-02-15 15:52:03 | Deep Dive |
| CVE-2023-5155 | SQLi in Utarit's Smart Deposit System | Utarit Information Technologies | SoliPay Mobile App | Critical | 9.8 | 2024-02-15 15:46:51 | Deep Dive |