| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-31112 | WordPress Convert Post Types plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | Stephanie Leary | Convert Post Types | High | 7.1 | 2024-03-31 18:56:41 | Deep Dive |
| CVE-2023-27440 | WordPress Toolset Types plugin <= 3.4.17 - Authenticated Arbitrary File Upload Vulnerability | OnTheGoSystems | Types | High | 7.2 | 2024-03-26 19:57:00 | Deep Dive |
| CVE-2023-22674 | WordPress Dashicons + Custom Post Types Plugin <= 1.0.2 is vulnerable to Broken Access Control | Hal Gatewood | Dashicons + Custom Post Types | Medium | 5.4 | 2023-12-21 14:18:07 | Deep Dive |
| CVE-2023-32502 | WordPress Pro Mime Types Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF) | Sybre Waaijer | Pro Mime Types – Manage file media types | 高危 | - | 2023-11-09 22:12:03 | Deep Dive |
| CVE-2023-46781 | WordPress Current Menu Item for Custom Post Types Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) | Roland Murg | Current Menu Item for Custom Post Types | 中危 | - | 2023-11-06 11:19:15 | Deep Dive |
| CVE-2023-32116 | WordPress Custom post types Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) | TotalPress.org | Custom post types, Custom Fields & more | Medium | 5.9 | 2023-10-26 12:15:28 | Deep Dive |
| CVE-2023-4142 | WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 8.0 | 2023-08-04 02:04:31 | Deep Dive |
| CVE-2023-4141 | WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code Execution | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 8.0 | 2023-08-04 02:04:29 | Deep Dive |
| CVE-2023-4139 | WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | High | 7.5 | 2023-08-04 02:04:27 | Deep Dive |
| CVE-2023-4140 | WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation | smackcoders | WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress | Medium | 6.6 | 2023-08-04 02:04:25 | Deep Dive |
| CVE-2023-23790 | WordPress Pods Plugin <= 2.9.10.2 is vulnerable to Cross Site Request Forgery (CSRF) | Pods Framework Team | Pods – Custom Content Types and Fields | High | 7.1 | 2023-05-03 09:58:30 | Deep Dive |
| CVE-2023-25451 | WordPress CPO Content Types Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS) | WPChill | CPO Content Types | Medium | 5.9 | 2023-04-23 10:41:55 | Deep Dive |
| CVE-2022-4442 | WCK < 2.3.3 - Admin+ Stored XSS | Unknown | Custom Post Types and Custom Fields creator | 中危 | - | 2023-01-16 15:37:54 | Deep Dive |
| CVE-2022-1977 | WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF | Unknown | Import Export All WordPress Images, Users & Post Types | 高危 | - | 2022-06-27 08:59:05 | Deep Dive |
| CVE-2021-24936 | WP Extra File Types < 0.5.1 - CSRF to Stored Cross-Site Scripting | Unknown | WP Extra File Types | 高危 | - | 2022-01-24 08:00:56 | Deep Dive |
| CVE-2021-24752 | Multiple Plugins from CatchThemes - Unauthorised Plugin's Setting Change | CatchThemes | Essential Widgets | 中危 | - | 2021-10-18 13:46:10 | Deep Dive |
| CVE-2021-24339 | Pods < 2.7.27 - Authenticated Stored Cross-Site Scripting (XSS) | Pods Framework Team | Pods – Custom Content Types and Fields | 中危 | - | 2021-06-21 19:18:13 | Deep Dive |
| CVE-2021-24338 | Pods < 2.7.27 - Authenticated Stored Cross-Site Scripting (XSS) | Pods Framework Team | Pods – Custom Content Types and Fields | 中危 | - | 2021-06-21 19:18:12 | Deep Dive |
| CVE-2020-8340 | IBM BladeCenter 跨站脚本漏洞 | Lenovo | System x IMM2 firmware for: x240, Machine Types: 7162, 2588; x440, Machine Type 7167, 2590 ; x3750 M4, Machine Type: 8753 ; x3250 M6, Machine type 3633, 3943 ; nx360 M5, Machine type 5465, 5467 ; x280/x480/x880 X6 , Machine Type 7196, 4258 ; x3850 X6 and x3950 X6, Machine type 6241 ; x3550 M5, Machine Type 5463, 8869 ; x3650 M5, Machine Type 5462, 8871; x3500 M5, Machine Type 5464, 5478 | Medium | 6.3 | 2020-09-15 14:20:18 | Deep Dive |
| CVE-2020-5622 | Shadankun 安全漏洞 | Cyber Security Cloud , Inc. | Shadankun Server Security Type (excluding normal blocking method types) | 高危 | - | 2020-09-02 04:35:14 | Deep Dive |