Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 53 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-12633 Booking Calendar | Appointment Booking | Bookit <= 2.5.0 - Missing Authorization to Unauthenticated Stripe Connection stellarwpBookit — Booking & Appointment Calendar High 7.5 2025-11-12 07:27:41 Deep Dive
CVE-2025-12192 The Events Calendar <= 6.15.9 - Sysinfo Key Incorrect Comparison to Unauthenticated Sensitive Information Exposure stellarwpThe Events Calendar Medium 5.3 2025-11-05 09:27:41 Deep Dive
CVE-2025-12197 The Events Calendar 6.15.1.1 - 6.15.9 - Unauthenticated SQL Injection via s stellarwpThe Events Calendar High 7.5 2025-11-05 04:36:59 Deep Dive
CVE-2025-12175 The Events Calendar <= 6.15.9 - Missing Authorization to Authenticated (Subscriber+) Draft Event Title/QR Code Exposure stellarwpThe Events Calendar Medium 4.3 2025-10-31 08:25:55 Deep Dive
CVE-2025-62027 WordPress Event Tickets plugin <= 5.26.3 - Broken Access Control vulnerability StellarWPEvent Tickets--2025-10-22 14:32:51 Deep Dive
CVE-2025-49906 WordPress WPComplete plugin <= 2.9.5.3 - Broken Access Control vulnerability StellarWPWPComplete Medium 5.3 2025-10-22 14:32:10 Deep Dive
CVE-2025-58974 WordPress WPComplete Plugin <= 2.9.5.2 - Cross Site Scripting (XSS) Vulnerability StellarWPWPComplete Medium 6.5 2025-09-22 18:26:08 Deep Dive
CVE-2025-54697 WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.16 - Privilege Escalation Vulnerability StellarWPKadence WooCommerce Email Designer High 7.2 2025-08-14 10:34:54 Deep Dive
CVE-2025-50046 WordPress WPComplete plugin <= 2.9.5 - Cross Site Scripting (XSS) Vulnerability StellarWPWPComplete Medium 6.5 2025-06-20 15:03:49 Deep Dive
CVE-2025-48246 WordPress The Events Calendar plugin <= 6.11.2.1 - Broken Access Control Vulnerability StellarWPThe Events Calendar Medium 5.4 2025-05-19 14:44:55 Deep Dive
CVE-2025-39557 WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability StellarWPKadence WooCommerce Email Designer Critical 9.1 2025-04-16 12:44:34 Deep Dive
CVE-2025-30794 WordPress Event Tickets plugin <= 5.20.0 - Reflected Cross Site Scripting (XSS) vulnerability StellarWPEvent Tickets High 7.1 2025-04-01 05:31:37 Deep Dive
CVE-2025-22633 WordPress Give – Divi Donation Modules plugin <= 2.0.0 - Sensitive Data Exposure vulnerability StellarWPGive – Divi Donation Modules 中危 -2025-02-23 22:55:07 Deep Dive
CVE-2025-24537 WordPress The Events Calendar plugin <= 6.7.0 - Cross Site Request Forgery (CSRF) vulnerability StellarWPThe Events Calendar Medium 5.4 2025-01-27 14:22:15 Deep Dive
CVE-2024-11090 Membership Plugin – Restrict Content <= 3.2.13 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure stellarwpMembership Plugin – Restrict Content Medium 5.3 2025-01-26 06:41:21 Deep Dive
CVE-2025-24753 WordPress Kadence Blocks plugin <= 3.3.1 - Broken Access Control vulnerability StellarWPGutenberg Blocks by Kadence Blocks Medium 4.3 2025-01-24 17:25:22 Deep Dive
CVE-2025-22777 WordPress GiveWP Plugin <= 3.19.3 - PHP Object Injection vulnerability StellarWPGiveWP Critical 9.8 2025-01-13 13:10:52 Deep Dive
CVE-2023-23672 WordPress GiveWP plugin <= 2.25.1 - Arbitrary Content Deletion vulnerability Liquid Web / StellarWPGiveWP Medium 5.4 2025-01-02 15:06:38 Deep Dive
CVE-2024-38762 WordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerability StellarWPEvent Tickets Medium 4.3 2025-01-02 12:01:06 Deep Dive
CVE-2024-37518 WordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerability StellarWPThe Events Calendar Medium 4.3 2025-01-02 12:01:01 Deep Dive