| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-46203 | WordPress Just Custom Fields plugin <= 3.3.2 - Broken Access Control vulnerability | Alex Prokopenko / JustCoded | Just Custom Fields | Medium | 4.3 | 2025-01-02 12:00:16 | Deep Dive |
| CVE-2024-56232 | WordPress WP Nice Loader plugin <= 0.1.0.4 - CSRF to Stored XSS vulnerability | Alex Volkov | WP Nice Loader | High | 7.1 | 2024-12-31 10:05:56 | Deep Dive |
| CVE-2023-41869 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.4 - Broken Access Control vulnerability | Alex Volkov | WP Accessibility Helper (WAH) | Medium | 4.3 | 2024-12-13 14:24:23 | Deep Dive |
| CVE-2024-37926 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.9 - Broken Access Control vulnerability | Alex Volkov | WP Accessibility Helper (WAH) | Medium | 5.3 | 2024-11-01 14:18:11 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-47643 | WordPress Include Fussball.de Widgets plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability | Alex | Include Fussball.de Widgets | Medium | 6.5 | 2024-10-05 12:56:49 | Deep Dive |
| CVE-2024-31423 | WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.5 - Broken Access Control vulnerability | Alex Volkov | WP Accessibility Helper (WAH) | Medium | 4.3 | 2024-06-09 17:15:41 | Deep Dive |
| CVE-2023-32295 | WordPress Easy!Appointments plugin <= 1.3.3 - Arbitrary File Deletion vulnerability | Alex Tselegidis | Easy!Appointments | Medium | 6.3 | 2024-04-11 11:54:46 | Deep Dive |
| CVE-2023-34168 | WordPress WP Report Post Plugin <= 2.1.2 is vulnerable to SQL Injection | Alex Raven | WP Report Post | High | 7.6 | 2023-12-18 22:36:13 | Deep Dive |
| CVE-2023-34171 | WordPress WP Report Post Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF) | Alex Raven | WP Report Post | 中危 | - | 2023-11-09 19:22:26 | Deep Dive |
| CVE-2023-25994 | WordPress Publish to Schedule Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | Alex Benfica | Publish to Schedule | 高危 | - | 2023-11-09 15:48:42 | Deep Dive |
| CVE-2023-45769 | WordPress WP Report Post Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) | Alex Raven | WP Report Post | High | 7.1 | 2023-10-24 12:08:06 | Deep Dive |
| CVE-2023-45010 | WordPress Complete Open Graph Plugin <= 3.4.5 is vulnerable to Cross Site Scripting (XSS) | Alex MacArthur | Complete Open Graph | Medium | 5.9 | 2023-10-17 10:55:21 | Deep Dive |
| CVE-2023-23794 | WordPress Semalt Blocker Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS) | Alex Moss | Semalt Blocker | Medium | 5.9 | 2023-05-10 08:39:31 | Deep Dive |
| CVE-2023-26519 | WordPress Publish to Schedule Plugin <= 4.5.4 is vulnerable to Cross Site Scripting (XSS) | Alex Benfica | Publish to Schedule | Medium | 5.9 | 2023-05-06 06:53:01 | Deep Dive |
| CVE-2023-25783 | WordPress FireCask Like & Share Button Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS) | Alex Moss | FireCask Like & Share Button | Medium | 5.9 | 2023-05-03 10:34:13 | Deep Dive |