| CVE-2024-13891 | Schedule <= 1.0.0 - Reflected XSS | Unknown | Schedule | 中危 | - | 2025-03-13 06:00:06 | Deep Dive |
| CVE-2024-13431 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.3 - Reflected Cross-Site Scripting | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 6.1 | 2025-03-07 08:21:28 | Deep Dive |
| CVE-2024-12071 | Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media <= 1.4.4 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | evergreencontentposter | Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media | Medium | 5.3 | 2025-01-18 03:21:13 | Deep Dive |
| CVE-2024-11423 | Ultimate Gift Cards for WooCommerce <= 3.0.6 - Missing Authorization to Infinite Money Glitch | WP Swings | Gift Cards for WooCommerce Pro | High | 7.5 | 2025-01-08 11:09:25 | Deep Dive |
| CVE-2024-11154 | PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes <= 3.5.15 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure | publishpress | PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes | Medium | 4.3 | 2024-11-20 13:55:14 | Deep Dive |
| CVE-2024-7877 | Appointment Booking Calendar < 1.6.7.55 - Admin+ Stored XSS | Unknown | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | - | - | 2024-11-05 06:00:08 | Deep Dive |
| CVE-2024-7876 | Appointment Booking Calendar < 1.6.7.55 - Admin+ Stored XSS | Unknown | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | - | - | 2024-11-05 06:00:07 | Deep Dive |
| CVE-2020-36840 | Timetable and Event Schedule by MotoPress <= 2.3.8 - Missing Authorization | jetmonsters | Timetable and Event Schedule by MotoPress | High | 7.3 | 2024-10-16 07:31:51 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9436 | PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes <= 3.5.14 - Reflected Cross-Site Scripting | publishpress | PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes | Medium | 6.1 | 2024-10-11 06:50:18 | Deep Dive |
| CVE-2024-8264 | Sensitive information in agent log file when detailed logging is enabled with Robot Schedule Enterprise prior to version 3.05 | Fortra | Robot Schedule Enterprise | Medium | 5.5 | 2024-10-09 22:44:35 | Deep Dive |
| CVE-2024-7129 | Appointment Booking Calendar < 1.6.7.43 - Admin+ Template Injection to RCE | Unknown | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | - | - | 2024-09-13 06:00:04 | Deep Dive |
| CVE-2024-39630 | WordPress Timetable and Event Schedule by MotoPress plugin <= 2.4.13 - PHP Object Injection vulnerability | MotoPress | Timetable and Event Schedule | Medium | 5.5 | 2024-08-01 20:38:49 | Deep Dive |
| CVE-2024-6557 | SchedulePress <= 5.1.3 - Unauthenticated Full Path Disclosure | wpdevteam | SchedulePress – Auto Post & Publish, Auto Social Share, Schedule Posts with Editorial Calendar & Missed Schedule Post Publisher | Medium | 5.3 | 2024-07-16 04:31:29 | Deep Dive |
| CVE-2024-4288 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.14 - Authenticated (Contributor+) Stored Cross-Site Scripting | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | Medium | 6.4 | 2024-05-16 11:05:29 | Deep Dive |
| CVE-2024-3342 | Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection | jetmonsters | Timetable and Event Schedule by MotoPress | Critical | 9.9 | 2024-04-27 08:37:55 | Deep Dive |
| CVE-2024-32529 | WordPress Yoga Schedule Momoyoga plugin <= 2.7.0 - Cross Site Scripting (XSS) vulnerability | Momoyoga | Yoga Schedule Momoyoga | Medium | 6.5 | 2024-04-17 09:35:20 | Deep Dive |
| CVE-2024-2341 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Subscriber+) SQL Injection | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 8.8 | 2024-04-09 18:59:30 | Deep Dive |
| CVE-2024-2342 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.7.7 - Authenticated (Contributor+) SQL Injection via Shortcode | croixhaug | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin | High | 8.8 | 2024-04-09 18:58:31 | Deep Dive |
| CVE-2024-31084 | WordPress Weekly Class Schedule plugin <= 3.19 - Reflected Cross Site Scripting (XSS) vulnerability | Pulsar Web Design | Weekly Class Schedule | High | 7.1 | 2024-03-31 19:35:50 | Deep Dive |