| CVE-2023-6855 | Paid Memberships Pro <= 2.12.5 - Missing Authorization via API | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 5.3 | 2024-01-11 08:32:32 | Deep Dive |
| CVE-2023-52213 | WordPress Rate Star Review Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS) | VideoWhisper | Rate Star Review – AJAX Reviews for Content, with Star Ratings | High | 7.1 | 2024-01-08 19:26:35 | Deep Dive |
| CVE-2023-52200 | WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection | Repute Infosystems | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | Critical | 9.6 | 2024-01-08 19:18:44 | Deep Dive |
| CVE-2023-52150 | WordPress Dynamic Content for Elementor Plugin < 2.12.5 is vulnerable to Cross Site Request Forgery (CSRF) | Ovation S.r.l. | Dynamic Content for Elementor | High | 8.8 | 2024-01-05 08:07:23 | Deep Dive |
| CVE-2023-51675 | WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Open Redirection | AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | Medium | 4.7 | 2023-12-29 13:57:17 | Deep Dive |
| CVE-2023-50881 | WordPress Advanced Access Manager Plugin <= 6.9.15 is vulnerable to Cross Site Scripting (XSS) | AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | Medium | 6.5 | 2023-12-29 11:26:12 | Deep Dive |
| CVE-2023-6268 | JSON Content Importer < 1.5.4 - Reflected XSS | Unknown | JSON Content Importer | - | - | 2023-12-26 18:33:05 | Deep Dive |
| CVE-2023-50824 | WordPress Insert or Embed Articulate Content into WordPress Plugin <= 4.3000000021 is vulnerable to Cross Site Scripting (XSS) | Brian Batt | Insert or Embed Articulate Content into WordPress | Medium | 6.5 | 2023-12-21 14:42:05 | Deep Dive |
| CVE-2023-49819 | WordPress Structured Content Plugin <= 1.5.3 is vulnerable to PHP Object Injection | Gordon Böhme, Antonio Leutsch | Structured Content (JSON-LD) #wpsc | High | 7.5 | 2023-12-18 23:35:58 | Deep Dive |
| CVE-2023-49820 | WordPress Structured Content Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) | Gordon Böhme, Antonio Leutsch | Structured Content (JSON-LD) #wpsc | Medium | 6.5 | 2023-12-14 15:53:37 | Deep Dive |
| CVE-2023-40662 | WordPress Cookies and Content Security Policy Plugin <= 2.15 is vulnerable to Sensitive Data Exposure | Jonk @ Follow me Darling | Cookies and Content Security Policy | Medium | 5.3 | 2023-11-30 14:56:49 | Deep Dive |
| CVE-2023-44150 | WordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data Exposure | ProfilePress Membership Team | Paid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress | High | 7.5 | 2023-11-30 14:50:36 | Deep Dive |
| CVE-2023-41127 | WordPress Evergreen Content Poster Plugin <= 1.3.6.1 is vulnerable to Cross Site Scripting (XSS) | Evergreen Content Poster | Evergreen Content Poster – Auto Post and Schedule Your Best Content to Social Media | Medium | 5.9 | 2023-11-30 12:19:02 | Deep Dive |
| CVE-2023-47668 | WordPress Restrict Content Plugin <= 3.2.7 is vulnerable to Sensitive Data Exposure | StellarWP | Membership Plugin – Restrict Content | Medium | 5.3 | 2023-11-23 00:05:55 | Deep Dive |
| CVE-2023-6187 | Paid Memberships Pro <= 2.12.3 - Authenticated (Subscriber+) Arbitrary File Upload | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | High | 7.5 | 2023-11-18 01:54:35 | Deep Dive |
| CVE-2023-28499 | WordPress Slide Anything Plugin <= 2.4.9 is vulnerable to Cross Site Scripting (XSS) | simonpedge | Slide Anything – Responsive Content / HTML Slider and Carousel | 中危 | - | 2023-11-07 17:34:48 | Deep Dive |
| CVE-2023-35896 | IBM Content Navigator server-side request forgery | IBM | Content Navigator | Medium | 5.4 | 2023-11-03 02:14:32 | Deep Dive |
| CVE-2023-5625 | Python-eventlet: patch regression for cve-2021-21419 in some red hat builds | Red Hat | Ironic content for Red Hat OpenShift Container Platform 4.12 | Medium | 5.3 | 2023-11-01 13:28:10 | Deep Dive |
| CVE-2020-36754 | Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 4.3 | 2023-10-20 07:29:35 | Deep Dive |
| CVE-2023-3996 | ARMember Lite - Membership Plugin <= 4.0.16 - Authenticated (Administrator+) Stored Cross-Site Scripting | reputeinfosystems | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | Medium | 4.4 | 2023-10-20 07:29:30 | Deep Dive |