Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 1149 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2022-40218 WordPress TH Advance Product Search plugin <= 1.1.4 - Unauthenticated Plugin Settings Change vulnerability ThemeHunkAdvance WordPress Search Plugin Medium 6.5 2024-05-08 11:57:45 Deep Dive
CVE-2024-34561 WordPress Real3D Flipbook PDF Viewer Lite plugin <= 3.71 - Cross Site Scripting (XSS) vulnerability Creative interactive media3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin Medium 5.9 2024-05-08 11:09:42 Deep Dive
CVE-2024-3601 Poll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Email Enumeration ays-proPoll Maker – Versus Polls, Anonymous Polls, Image Polls Medium 5.3 2024-05-02 16:52:54 Deep Dive
CVE-2024-3897 Popup Box – Best WordPress Popup Plugin <= 4.3.6 - Missing Authorization to Information Exposure ays-proPopup Box – Create Countdown, Coupon, Video, Contact Form Popups Medium 5.3 2024-05-02 16:52:48 Deep Dive
CVE-2024-2417 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder High 8.8 2024-05-02 16:52:42 Deep Dive
CVE-2024-3233 Ivory Search – WordPress Search Plugin <= 5.5.5 - Missing Authorization to Authenticated (Subscriber+) Index Creation vinod-dalviIvory Search – WordPress Search Plugin Medium 4.3 2024-05-02 16:52:40 Deep Dive
CVE-2024-4000 WordPress Header Builder Plugin – Pearl <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode stylemixPearl – Header Builder Medium 6.4 2024-05-02 16:52:35 Deep Dive
CVE-2024-3295 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.5 - Missing Authorization to Unauthenticated Media Deletion wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.5 2024-05-02 16:52:21 Deep Dive
CVE-2024-2967 Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor <= 4.4.7 - Authenticated (Admin+) Stored Cross-Site Scripting aharonyanGuest posting / Frontend Posting / Front Editor – WP Front User Submit Medium 4.4 2024-05-02 16:52:19 Deep Dive
CVE-2024-3942 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.3.8 - Missing Authorization stylemixMasterStudy LMS WordPress Plugin – for Online Courses and Education Medium 6.3 2024-05-02 16:52:11 Deep Dive
CVE-2024-3554 All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode smubAll in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Medium 6.4 2024-05-02 16:51:54 Deep Dive
CVE-2024-1945 ARForms Form Builder <= 1.6.4 - Missing Authorization to Authenticated(Subscriber+) Arbitrary Option Deletion reputeinfosystemsContact Form, Survey, Quiz & Popup Form Builder – ARForms High 7.1 2024-05-02 16:51:41 Deep Dive
CVE-2024-3682 WP STAGING <= 3.4.3 and WP STAGING Pro <= 5.4.3 - Sensitive Information Exposure via Log File renehermiWP STAGING – WordPress Backup, Restore & Migration Medium 5.3 2024-04-26 09:29:52 Deep Dive
CVE-2024-3732 GeoDirectory – WordPress Business Directory Plugin, or Classified Directory <= 2.3.48 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'gd_single_tabs' Shortcode paoltaiaGeoDirectory – WP Business Directory Plugin and Classified Listings Directory Medium 6.4 2024-04-23 09:32:55 Deep Dive
CVE-2024-32694 WordPress 3D FlipBook, PDF Viewer, PDF Embedder plugin <= 3.62 - Reflected Cross Site Scripting (XSS) vulnerability Creative interactive media3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin High 7.1 2024-04-22 07:48:43 Deep Dive
CVE-2024-3600 Poll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting ays-proPoll Maker – Versus Polls, Anonymous Polls, Image Polls High 7.2 2024-04-19 02:34:44 Deep Dive
CVE-2024-3560 LearnPress – WordPress LMS Plugin <= 4.2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 6.4 2024-04-19 01:57:09 Deep Dive
CVE-2024-2309 WP Staging < 3.4.0, 5.4.0 (Pro Version) - Admin+ Stored XSS UnknownWP STAGING WordPress Backup Plugin --2024-04-17 05:00:03 Deep Dive
CVE-2024-0868 coreActivity < 2.1 - Unauthenticated IP Spoofing UnknowncoreActivity: Activity Logging plugin for WordPress--2024-04-17 05:00:02 Deep Dive
CVE-2024-3235 Essential Grid <= 3.1.1 - Unauthenticated Private Post Disclosure ThemePunchEssential Grid Gallery WordPress Plugin Medium 5.3 2024-04-10 04:30:21 Deep Dive