| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-52397 | WordPress Convert Docx2post plugin <= 1.4 - Arbitrary File Upload vulnerability | Davor Zeljkovic | Convert Docx2post | Critical | 9.1 | 2024-11-16 22:10:14 | Deep Dive |
| CVE-2024-49228 | WordPress bVerse Convert plugin <= 1.3.7.1 - Cross Site Scripting (XSS) vulnerability | Edwin Rivera | bVerse Convert | Medium | 6.5 | 2024-10-18 09:56:11 | Deep Dive |
| CVE-2024-9361 | Bulk images optimizer: Resize, optimize, convert to webp, rename ... <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Plugin Options Update | giuliopanda | Bulk images optimizer: Resize, optimize, convert to webp, rename … | Medium | 4.3 | 2024-10-18 04:32:55 | Deep Dive |
| CVE-2024-38680 | WordPress Appmaker plugin <= 1.36.12 - Reflected Cross Site Scripting (XSS) vulnerability | Appmaker | Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps | High | 7.1 | 2024-07-20 07:46:48 | Deep Dive |
| CVE-2023-3352 | Smush – Lazy Load Images, Optimize & Compress Images <= 3.16.4 - Missing Authorization to Resmush List Deletion | wpmudev | Smush – Image Optimization, Compression, Lazy Load, WebP & CDN | Medium | 4.3 | 2024-06-21 02:05:44 | Deep Dive |
| CVE-2023-36684 | WordPress Convert Pro plugin <= 1.7.5 - Broken Access Control vulnerability | Brainstorm Force | Convert Pro | High | 7.1 | 2024-06-19 13:50:19 | Deep Dive |
| CVE-2024-4636 | Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF <= 3.12.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload | optimole | Optimole – Optimize Images in Real Time | Medium | 6.4 | 2024-05-15 06:51:56 | Deep Dive |
| CVE-2024-32108 | WordPress Convert Post Types plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability | Stephanie Leary | Convert Post Types | Medium | 4.3 | 2024-04-11 12:56:26 | Deep Dive |
| CVE-2024-31112 | WordPress Convert Post Types plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability | Stephanie Leary | Convert Post Types | High | 7.1 | 2024-03-31 18:56:41 | Deep Dive |
| CVE-2023-28677 | Jenkins Plugins Convert To Pipeline 命令注入漏洞 | Jenkins Project | Jenkins Convert To Pipeline Plugin | 超危 | - | 2023-03-23 11:26:06 | Deep Dive |
| CVE-2023-28676 | Jenkins Plugins Convert To Pipeline 跨站请求伪造漏洞 | Jenkins Project | Jenkins Convert To Pipeline Plugin | 高危 | - | 2023-03-23 11:26:05 | Deep Dive |
| CVE-2022-36428 | WordPress Rock Convert plugin <= 2.11.0 - Auth. Cross-Site Scripting (XSS) vulnerability | Stage | Rock Convert (WordPress plugin) | Medium | 4.8 | 2022-11-03 19:22:18 | Deep Dive |
| CVE-2022-3441 | Rock Convert < 2.11.0 - Admin+ Stored Cross-Site Scripting | Unknown | Rock Convert | 中危 | - | 2022-10-31 00:00:00 | Deep Dive |
| CVE-2022-3440 | Rock Convert < 2.6.0 - Reflected Cross-Site Scripting | Unknown | Rock Convert | 中危 | - | 2022-10-31 00:00:00 | Deep Dive |
| CVE-2022-25759 | Remote Code Injection | - | convert-svg-core | Critical | 9.9 | 2022-07-22 20:00:19 | Deep Dive |
| CVE-2022-24278 | Directory Traversal | - | convert-svg-core | High | 7.5 | 2022-06-10 20:05:32 | Deep Dive |
| CVE-2022-24429 | Arbitrary Code Injection | - | convert-svg-core | High | 7.5 | 2022-06-10 20:00:38 | Deep Dive |
| CVE-2021-25074 | WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect | Unknown | WebP Converter for Media – Convert WebP and AVIF & Optimize Images | 中危 | - | 2022-01-24 08:01:22 | Deep Dive |
| CVE-2021-23631 | Directory Traversal | - | convert-svg-core | High | 7.5 | 2022-01-21 20:05:24 | Deep Dive |