Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2564 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-31427 WordPress Invico - WordPress Consulting Business Theme <= 1.9 - Cross Site Scripting (XSS) Vulnerability designthemesInvico - WordPress Consulting Business Theme High 7.1 2025-07-16 11:28:05 Deep Dive
CVE-2025-47554 WordPress CSS3 Compare Pricing Tables for WordPress plugin <= 11.6 - Reflected Cross Site Scripting (XSS) vulnerability QuanticaLabsCSS3 Compare Pricing Tables for WordPress High 7.1 2025-07-16 11:28:04 Deep Dive
CVE-2025-46500 WordPress Wordpress Auto Spinner plugin <= 3.26.0 - Reflected Cross Site Scripting (XSS) vulnerability ValvePressWordpress Auto Spinner High 7.1 2025-07-16 11:28:04 Deep Dive
CVE-2025-48294 WordPress FG Drupal to WordPress plugin <= 3.90.0 - Server Side Request Forgery (SSRF) Vulnerability KerfredFG Drupal to WordPress Medium 4.4 2025-07-16 10:36:55 Deep Dive
CVE-2025-6043 Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 17.0 - Authenticated (Subscriber+) Arbitrary File Deletion malcureMalcure Malware Shield — Removal, Repair, Monitor High 8.1 2025-07-16 06:40:43 Deep Dive
CVE-2025-5394 Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.3 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation BearsthemesAlone – Charity Multipurpose Non-profit WordPress Theme Critical 9.8 2025-07-15 03:43:23 Deep Dive
CVE-2025-5393 Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.5 - Missing Authorization to Unauthenticated Arbitrary File Deletion BearsthemesAlone – Charity Multipurpose Non-profit WordPress Theme Critical 9.1 2025-07-15 03:43:23 Deep Dive
CVE-2020-36848 Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download boldgridTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid High 7.5 2025-07-12 11:23:40 Deep Dive
CVE-2025-1313 Nokri - Job Board WordPress Theme <= 1.6.3 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover scriptsbundleNokri – Job Board WordPress Theme High 8.8 2025-07-12 05:30:12 Deep Dive
CVE-2025-7442 WPGYM - Wordpress Gym Management System < 67.8.0 - Unauthenticated SQL Injection dasinfomediaWPGYM - Wordpress Gym Management System High 7.5 2025-07-11 07:23:01 Deep Dive
CVE-2025-7401 Premium Age Verification / Restriction for WordPress <= 3.0.2 - Unauthenticated Arbitrary File Read and Write via remote_tunnel.php aa-teamPremium Age Verification / Restriction for WordPress Critical 9.8 2025-07-11 04:22:01 Deep Dive
CVE-2025-6691 SureForms – Drag and Drop Form Builder for WordPress <= 1.7.3 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Submission Deletion brainstormforceSureForms – Drag and Drop Form Builder for WordPress High 8.1 2025-07-09 05:23:40 Deep Dive
CVE-2025-6742 SureForms – Drag and Drop Form Builder for WordPress <= 1.7.3 - Unauthenticated PHP Object Injection (PHAR) Triggered via Admin Submission Deletion brainstormforceSureForms – Drag and Drop Form Builder for WordPress High 7.5 2025-07-09 05:23:39 Deep Dive
CVE-2025-4606 Sala - Startup & SaaS WordPress Theme <= 1.1.4 - Unauthenticated Privilege Escalation via Password Reset/Account Takeover uxperSala - Startup & SaaS WordPress Theme Critical 9.8 2025-07-09 03:22:04 Deep Dive
CVE-2025-34077 WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE Genetech SolutionsWordPress Pie Register Plugin--2025-07-09 00:49:29 Deep Dive
CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting foopluginsLightbox & Modal Popup WordPress Plugin – FooBox Medium 6.4 2025-07-08 04:22:59 Deep Dive
CVE-2025-5957 Guest Support – Complete customer support ticket system for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Ticket Deletion rcathemeGuest Support Medium 5.3 2025-07-08 04:22:59 Deep Dive
CVE-2025-52807 WordPress Kossy - Minimalist eCommerce WordPress Theme <= 1.45 - Local File Inclusion Vulnerability ApusWPKossy - Minimalist eCommerce WordPress Theme High 8.1 2025-07-04 11:17:54 Deep Dive
CVE-2025-6039 ProcessingJS for WordPress <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting cageehvProcessingJS for WordPress Medium 6.4 2025-07-04 01:44:06 Deep Dive
CVE-2024-13786 Education Center | LMS & Online Courses WordPress Theme <= 3.6.10 - PHP Object Injection ThemeREXEducation Center | LMS & Online Courses WordPress Theme Critical 9.8 2025-07-02 06:40:24 Deep Dive