| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-6261 | Image Photo Gallery Final Tiles Grid <= 3.6.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | wpchill | Image Photo Gallery Final Tiles Grid | Medium | 6.4 | 2025-02-27 05:23:05 | Deep Dive |
| CVE-2024-12853 | Modula Image Gallery <= 2.11.10 - Authenticated (Author+) Arbitrary File Upload | wpchill | Modula Image Gallery – Photo Grid & Video Gallery | High | 8.8 | 2025-01-08 09:18:37 | Deep Dive |
| CVE-2024-12711 | RSVP and Event Management <= 2.7.13 - Missing Authorization | wpchill | RSVP and Event Management | Medium | 5.3 | 2025-01-07 11:11:12 | Deep Dive |
| CVE-2024-11282 | Passster – Password Protect Pages and Content <= 4.2.10 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | wpchill | Passster – Password Protect Pages and Content | Medium | 5.3 | 2025-01-07 06:40:56 | Deep Dive |
| CVE-2024-11106 | Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure | wpchill | Simple Restrict | Medium | 5.3 | 2024-12-10 11:09:12 | Deep Dive |
| CVE-2024-10399 | Download Monitor <= 5.0.13 - Missing Authorization to Sensitive Information Exposure | wpchill | Download Monitor | Medium | 4.3 | 2024-10-30 05:32:15 | Deep Dive |
| CVE-2024-10092 | Download Monitor <= 5.0.12 - Missing Authorization to API Key Manipulation | wpchill | Download Monitor | Medium | 4.3 | 2024-10-26 07:36:08 | Deep Dive |
| CVE-2022-4972 | Download Monitor <= 4.7.51 - Missing Authorization to Unauthenticated Data Export | wpchill | Download Monitor | High | 7.5 | 2024-10-16 06:43:39 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8552 | Download Monitor <= 5.0.9 - Missing Authorization to Authenticated (Subscriber+) Shop Enable | wpchill | Download Monitor | Medium | 4.3 | 2024-09-26 02:03:25 | Deep Dive |
| CVE-2024-6571 | Optimize Images ALT Text (alt tag) & names for SEO using AI <= 3.1.1 - Unauthenticated Full Path Disclosure | arnoldasarny | Image SEO – AI-Driven Image SEO Optimizer | Medium | 5.3 | 2024-07-24 06:42:23 | Deep Dive |
| CVE-2023-6491 | Strong Testimonials <= 3.1.12 - Authenticated(Contributor+) Improper Authorization to Views Modification | wpchill | Strong Testimonials | Medium | 4.3 | 2024-06-07 05:33:47 | Deep Dive |
| CVE-2024-3269 | Download Monitor <= 4.9.13 - Missing Authorization | wpchill | Download Monitor | Medium | 5.4 | 2024-05-30 03:34:29 | Deep Dive |
| CVE-2024-32429 | WordPress Remove Footer Credit plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability | WPChill | Remove Footer Credit | Medium | 5.9 | 2024-04-15 06:28:38 | Deep Dive |
| CVE-2024-30501 | WordPress Download Monitor theme <= 4.9.4 - Auth. SQL Injection vulnerability | WPChill | Download Monitor | High | 7.6 | 2024-03-29 14:06:52 | Deep Dive |
| CVE-2024-1083 | Simple Restrict <= 1.2.6 - Missing Authorization to Sensitive Information Exposure | wpchill | Simple Restrict | Medium | 5.3 | 2024-03-13 15:26:54 | Deep Dive |
| CVE-2022-45354 | WordPress Download Monitor Plugin <= 4.7.60 is vulnerable to Sensitive Data Exposure | WPChill | Download Monitor | Medium | 5.3 | 2024-01-08 20:45:20 | Deep Dive |
| CVE-2023-52123 | WordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF) | WPChill | Strong Testimonials | Medium | 4.3 | 2024-01-05 09:05:13 | Deep Dive |
| CVE-2023-34007 | WordPress Download Monitor Plugin <= 4.8.3 is vulnerable to Arbitrary File Upload | WPChill | Download Monitor | Critical | 9.9 | 2023-12-20 18:49:46 | Deep Dive |
| CVE-2023-5704 | CPO Shortcodes <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpchill | CPO Shortcodes | Medium | 6.4 | 2023-11-22 15:33:39 | Deep Dive |