| CVE-2024-1973 | Elevation of privileges vulnerability | OpenText | Secure Content Manager | High | 8.5 | 2024-03-25 21:27:44 | Deep Dive |
| CVE-2024-27995 | WordPress ARMember plugin <= 4.0.23 - Cross Site Scripting (XSS) vulnerability | Repute Infosystems | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | Medium | 5.9 | 2024-03-21 15:00:59 | Deep Dive |
| CVE-2024-1844 | RevivePress – Keep your Old Content Evergreen <= 1.5.6 - Missing Authorization | infosatech | RevivePress – Keep your Old Content Evergreen | Medium | 4.3 | 2024-03-20 06:48:25 | Deep Dive |
| CVE-2024-29099 | WordPress Evergreen Content Poster plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability | Evergreen Content Poster | Evergreen Content Poster | High | 7.1 | 2024-03-19 15:56:14 | Deep Dive |
| CVE-2024-29126 | WordPress Specific Content For Mobile plugin <= 0.1.9.5 - Cross Site Scripting (XSS) vulnerability | Jose Mortellaro | Specific Content For Mobile – Customize the mobile version without redirections | High | 7.1 | 2024-03-19 14:18:29 | Deep Dive |
| CVE-2024-29139 | WordPress MyCurator Content Curation plugin <= 3.76 - Cross Site Scripting (XSS) vulnerability | Mark Tilly | MyCurator Content Curation | High | 7.1 | 2024-03-19 13:37:42 | Deep Dive |
| CVE-2024-0687 | Restrict User Access – Ultimate Membership & Content Protection <= 2.5 - Information Exposure | intoxstudio | Restrict User Access – Ultimate Membership & Content Protection | Medium | 5.3 | 2024-03-13 15:27:26 | Deep Dive |
| CVE-2024-1806 | ProfilePress <= 4.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via profilepress-edit-profile Shortcode | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-03-13 15:27:17 | Deep Dive |
| CVE-2024-1409 | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.15.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via [reg-select-role] Shortcode | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-03-13 15:26:49 | Deep Dive |
| CVE-2024-1535 | ProfilePress <= 4.15.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | properfraction | Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | Medium | 6.4 | 2024-03-13 15:26:44 | Deep Dive |
| CVE-2024-1158 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | Medium | 4.3 | 2024-03-13 15:26:35 | Deep Dive |
| CVE-2024-1071 | WordPress Plugin Ultimate Member 安全漏洞 | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | Critical | 9.8 | 2024-03-13 15:26:32 | Deep Dive |
| CVE-2024-2123 | Ultimate Member <= 2.8.3 - Unauthenticated Stored Cross-Site Scripting | ultimatemember | Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin | High | 7.2 | 2024-03-13 09:35:15 | Deep Dive |
| CVE-2024-1169 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Upload | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | High | 7.5 | 2024-03-07 11:01:58 | Deep Dive |
| CVE-2024-1170 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Deletion | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | High | 8.2 | 2024-03-07 11:01:58 | Deep Dive |
| CVE-2024-2073 | SourceCodester Block Inserter for Dynamic Content view_post.php sql injection | SourceCodester | Block Inserter for Dynamic Content | Medium | 6.3 | 2024-03-01 17:00:08 | Deep Dive |
| CVE-2023-38366 | IBM FileNet Content Manager directory traversal | IBM | Filenet Content Manager | Medium | 5.3 | 2024-03-01 02:26:55 | Deep Dive |
| CVE-2023-47716 | IBM FileNet Content Manager privilege escalation | IBM | Filenet Content Manager | Medium | 6.3 | 2024-03-01 02:22:48 | Deep Dive |
| CVE-2024-24701 | WordPress Setka Editor Plugin <= 2.1.20 is vulnerable to Cross Site Request Forgery (CSRF) | Native Grid LLC | A no-code page builder for beautiful performance-based content | Medium | 4.3 | 2024-02-28 16:16:05 | Deep Dive |
| CVE-2024-0680 | WP Private Content Plus <= 3.6 - Protection Mechanism Bypass | nimeshrmr | WP Private Content Plus | Medium | 5.3 | 2024-02-28 08:33:07 | Deep Dive |