Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Vulnerability List - Page 2

Found 4636 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-12277 Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Deletion via Saved File Metadata Path Traversal UnknownFrontend File Manager Plugin 高危 -2026-07-07 06:00:02 Deep Dive
CVE-2026-12375 Uncanny Automator Pro 7.3.0.5 - Backdoor via Compromised Vendor Update Server Unknownuncanny-automator-pro 超危 -2026-07-07 06:00:02 Deep Dive
CVE-2026-4375 DoLeads Integrator <= 1.2.2 & wp2epub <= 0.65 - Unauthenticated RCE UnknownDoLeads Integrator 超危 -2026-07-07 06:00:02 Deep Dive
CVE-2026-10834 WP Travel Engine < 6.8.1 - Subscriber+ Arbitrary Media File Move via user_profile_image UnknownWP Travel Engine 中危 -2026-07-07 06:00:01 Deep Dive
CVE-2026-6382 Multiple elFinder Plugins - Authenticated OS Command Injection UnknownFileOrganizer 超危 -2026-07-06 06:00:02 Deep Dive
CVE-2026-11855 Simple Membership < 4.7.5 - Unauthenticated Stored XSS via Stripe Webhook API Version UnknownSimple Membership 高危 -2026-07-06 06:00:02 Deep Dive
CVE-2026-11962 FileOrganizer < 1.2.0 - Authenticated Arbitrary File Upload via elFinder File Operations UnknownFileOrganizer 高危 -2026-07-06 06:00:02 Deep Dive
CVE-2026-12083 Admin and Site Enhancements < 8.8.4 - Unauthenticated Administrator-Role Restoration via reset-for Parameter UnknownAdmin and Site Enhancements (ASE) 高危 -2026-07-06 06:00:02 Deep Dive
CVE-2026-11766 Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields UnknownUltimate Member 高危 -2026-07-06 06:00:01 Deep Dive
CVE-2026-10830 AllCoach < 1.0.2 - Unauthenticated Account Takeover UnknownAllCoach 高危 -2026-07-06 06:00:01 Deep Dive
CVE-2024-6228 WANotifier < 2.6 - Subscriber+ LFI UnknownNotifications for Forms & WordPress Actions 高危 -2026-07-06 06:00:01 Deep Dive
CVE-2026-11578 Fluent Forms < 6.2.5 - Form Manager+ Cross-Form Submission Entry Deletion via IDOR UnknownFluent Forms 低危 -2026-07-02 06:00:03 Deep Dive
CVE-2026-11965 User Registration & Membership < 5.2.0 - Unauthenticated Paid Membership Bypass UnknownUser Registration & Membership 中危 -2026-07-02 06:00:03 Deep Dive
CVE-2026-11781 Adminify < 4.2.10 - Contributor+ Sensitive Information Disclosure via Global Search AJAX UnknownAdminify 低危 -2026-07-02 06:00:03 Deep Dive
CVE-2026-10077 YOOtheme Pro < 5.0.35 - Author+ Stored XSS via UIkit Data Attributes Unknownyootheme 中危 -2026-07-02 06:00:02 Deep Dive
CVE-2026-11887 Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass UnknownSalon Booking System 中危 -2026-07-01 06:00:03 Deep Dive
CVE-2026-11880 Fluent Forms < 6.2.1 - Subscriber+ Subscription Cancellation via IDOR UnknownFluent Forms 低危 -2026-07-01 06:00:03 Deep Dive
CVE-2026-11883 WebAuthn Provider for Two Factor < 2.5.6 - 2FA Bypass UnknownWebAuthn Provider for Two Factor 高危 -2026-07-01 06:00:03 Deep Dive
CVE-2026-11568 Product Configurator for WooCommerce < 1.7.3 - Unauthenticated Private/Draft Product Data Disclosure via pc_get_data UnknownProduct Configurator for WooCommerce 高危 -2026-07-01 06:00:02 Deep Dive
CVE-2026-11562 WS Form LITE < 1.11.8 - Subscriber+ Arbitrary Settings Update UnknownWS Form LITE 中危 -2026-07-01 06:00:02 Deep Dive