| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-7291 | JetFormBuilder <= 3.3.4.1 - Authenticated (Administrator+) Privilege Escalation | jetmonsters | JetFormBuilder — Dynamic Blocks Form Builder | High | 7.2 | 2024-08-03 06:41:40 | Deep Dive |
| CVE-2024-6489 | Getwid – Gutenberg Blocks <= 2.0.10 - Missing Authorization to Google API key update | jetmonsters | Getwid – Gutenberg Blocks | Medium | 5.3 | 2024-07-20 06:43:48 | Deep Dive |
| CVE-2024-6491 | Getwid – Gutenberg Blocks <= 2.0.10 - Missing Authentication to MailChimp API key update | jetmonsters | Getwid – Gutenberg Blocks | Medium | 4.3 | 2024-07-20 06:43:46 | Deep Dive |
| CVE-2024-4626 | JetWidgets For Elementor <= 1.0.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via layout_type and id Parameters | jetmonsters | JetWidgets For Elementor | Medium | 6.4 | 2024-06-20 02:08:21 | Deep Dive |
| CVE-2024-5611 | Stratum – Elementor Widgets <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget | jetmonsters | Stratum Widgets for Elementor | Medium | 6.4 | 2024-06-15 09:43:51 | Deep Dive |
| CVE-2024-4413 | Hotel Booking Lite <= 4.11.1 - Unauthenticated PHP Object Injection | jetmonsters | MotoPress Hotel Booking | Critical | 9.8 | 2024-05-10 21:32:41 | Deep Dive |
| CVE-2024-3588 | Getwid – Gutenberg Blocks <= 2.0.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'Countdown' | jetmonsters | Getwid – Gutenberg Blocks | Medium | 6.4 | 2024-05-02 16:52:36 | Deep Dive |
| CVE-2024-3342 | Timetable and Event Schedule by MotoPress <= 2.4.11 - Authenticated (Contributor+) SQL Injection | jetmonsters | Timetable and Event Schedule by MotoPress | Critical | 9.9 | 2024-04-27 08:37:55 | Deep Dive |
| CVE-2024-31386 | Multiple WordPress themes affected by Cross-Site Request Forgery vulnerability | Hidekazu Ishikawa | X-T9 | Medium | 4.3 | 2024-04-10 18:47:28 | Deep Dive |
| CVE-2024-2138 | JetWidgets For Elementor <= 1.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Box Widget | jetmonsters | JetWidgets For Elementor | Medium | 6.4 | 2024-04-09 18:59:35 | Deep Dive |
| CVE-2024-2507 | JetWidgets For Elementor <= 1.0.16 - Authenticated(Contributor+) Stored Cross-Site Scripting via Widget Button URL | jetmonsters | JetWidgets For Elementor | Medium | 6.4 | 2024-04-09 18:59:10 | Deep Dive |
| CVE-2024-1948 | Getwid – Gutenberg Blocks <= 2.0.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Block Content | jetmonsters | Getwid – Gutenberg Blocks | Medium | 6.4 | 2024-04-09 18:58:55 | Deep Dive |
| CVE-2023-6963 | Getwid – Gutenberg Blocks <= 2.0.4 - Captcha Bypass | jetmonsters | Getwid – Gutenberg Blocks | Medium | 5.3 | 2024-02-05 21:22:02 | Deep Dive |
| CVE-2023-6959 | Getwid – Gutenberg Blocks <= 2.0.4 - Missing Authorization to Recaptcha API Key Modification | jetmonsters | Getwid – Gutenberg Blocks | Medium | 4.3 | 2024-02-05 21:21:50 | Deep Dive |
| CVE-2023-1895 | Getwid – Gutenberg Blocks <= 1.8.3 - Authenticated(Subscriber+) Server Side Request Forgery | jetmonsters | Getwid – Gutenberg Blocks | High | 8.5 | 2023-06-09 05:33:38 | Deep Dive |
| CVE-2023-1910 | Getwid – Gutenberg Blocks <= 1.8.3 - Improper Authorization via get_remote_templates REST endpoint | jetmonsters | Getwid – Gutenberg Blocks | Medium | 4.3 | 2023-06-09 05:33:20 | Deep Dive |
| CVE-2023-0086 | JetWidgets for Elementor <= 1.0.12 - Cross-Site Request Forgery to Settings Update | jetmonsters | JetWidgets For Elementor | Medium | 5.4 | 2023-01-05 16:21:28 | Deep Dive |