| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-23213 | Tandoor Recipes - Stored XSS through Unrestricted File Upload | TandoorRecipes | recipes | High | 8.7 | 2025-01-28 15:31:20 | Deep Dive |
| CVE-2025-23212 | Tandoor Recipes - Local file disclosure - Users can read the content of any file on the server | TandoorRecipes | recipes | High | 7.7 | 2025-01-28 15:29:08 | Deep Dive |
| CVE-2025-23211 | Tandoor Recipes - SSTI - Remote Code Execution | TandoorRecipes | recipes | Critical | 9.9 | 2025-01-28 15:24:27 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-7626 | WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) <= 1.6.9 - Improper Path Validation to Authenticated (Subscriber+) Arbitrary File Move and Read | wpdelicious | WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) | High | 8.1 | 2024-09-11 07:31:32 | Deep Dive |
| CVE-2024-43935 | WordPress WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability | WP Delicious | Delicious Recipes – WordPress Recipe Plugin | Medium | 6.5 | 2024-08-29 18:08:32 | Deep Dive |
| CVE-2024-31994 | Mealie vulnerable to a DoS in recipe image importer (GHSL-2023-228) | mealie-recipes | mealie | Medium | 6.5 | 2024-04-19 21:11:38 | Deep Dive |
| CVE-2024-31993 | Mealie vulnerable to a GET-based SSRF in recipe image importer (GHSL-2023-227) | mealie-recipes | mealie | Medium | 6.2 | 2024-04-19 21:02:57 | Deep Dive |
| CVE-2024-31992 | Mealie contains a DoS vulnerability in recipe importer | mealie-recipes | mealie | Medium | 6.5 | 2024-04-19 20:49:18 | Deep Dive |
| CVE-2024-31991 | Mealie vulnerable to a GET-based SSRF in recipe importer (GHSL-2023-225) | mealie-recipes | mealie | Medium | 4.1 | 2024-04-19 20:42:06 | Deep Dive |
| CVE-2024-0403 | Recipes 1.5.10 - Blind SSRF | Recipes | Recipes | Medium | 6.5 | 2024-02-29 23:31:15 | Deep Dive |
| CVE-2023-52180 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.1.0 is vulnerable to SQL Injection | Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes | High | 7.6 | 2023-12-31 10:17:49 | Deep Dive |
| CVE-2023-31076 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS) | Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes | High | 7.1 | 2023-08-17 08:44:54 | Deep Dive |
| CVE-2023-35089 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) | Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes | Medium | 4.3 | 2023-07-17 13:31:13 | Deep Dive |
| CVE-2022-23074 | Recipes - Stored XSS in Name Parameter | recipes | recipes | 中危 | - | 2022-06-21 09:20:11 | Deep Dive |
| CVE-2022-23073 | Recipes - Stored XSS in Clipboard | recipes | recipes | 中危 | - | 2022-06-21 08:50:10 | Deep Dive |
| CVE-2022-23072 | Recipes - Stored XSS in Add to Cart | recipes | recipes | 中危 | - | 2022-06-21 08:10:11 | Deep Dive |
| CVE-2022-23071 | Recipes - SSRF on Import | recipes | recipes | 中危 | - | 2022-06-19 10:15:15 | Deep Dive |