Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 1149 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-0596 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html() awesomesupportAwesome Support – WordPress HelpDesk & Support Plugin Medium 5.3 2024-02-10 06:51:53 Deep Dive
CVE-2024-0595 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via wpas_get_users() awesomesupportAwesome Support – WordPress HelpDesk & Support Plugin Medium 4.3 2024-02-10 06:51:52 Deep Dive
CVE-2024-0594 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Authenticated (Subscriber+) SQL Injection awesomesupportAwesome Support – WordPress HelpDesk & Support Plugin High 8.8 2024-02-10 06:51:52 Deep Dive
CVE-2024-0701 UserPro <= 5.1.6 - Disabled Membership Registration Bypass -UserPro - Community and User Profile WordPress Plugin Medium 5.3 2024-02-05 21:22:05 Deep Dive
CVE-2023-7029 WordPress Button Plugin MaxButtons <= 9.7.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode maxfoundryMaxButtons – Create buttons Medium 6.4 2024-02-05 21:22:00 Deep Dive
CVE-2024-1177 WP Club Manager – WordPress Sports Club Plugin <= 2.2.10 - Missing Authorization to Unauthenticated Event Permalink Update wpclubmanagerWP Club Manager – WordPress Sports Club Plugin Medium 5.3 2024-02-05 21:21:46 Deep Dive
CVE-2024-23508 WordPress PDF Poster - PDF Embedder Plugin for WordPress Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS) bPluginsPDF Poster – PDF Embedder Plugin for WordPress High 7.1 2024-01-31 15:21:17 Deep Dive
CVE-2024-0836 WordPress Review & Structure Data Schema Plugin – Review Schema <= 2.1.14 - Missing Authorization to Arbitrary Review Update techlabpro1Review Schema – Review & Structure Data Schema Plugin Medium 4.3 2024-01-31 07:33:07 Deep Dive
CVE-2023-2439 WordPress plugin UserPro 安全漏洞 -UserPro - Community and User Profile WordPress Plugin Medium 6.4 2024-01-31 02:35:10 Deep Dive
CVE-2023-7204 WP STAGING WordPress Backup Plugin < 3.2.0 - Unauthorized Sensitive Data Exposure UnknownWP STAGING WordPress Backup Plugin 高危 -2024-01-29 14:44:21 Deep Dive
CVE-2024-0618 Fluent Forms <= 5.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting via imported form title techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 4.4 2024-01-27 05:38:22 Deep Dive
CVE-2022-40700 Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins MontonioMontonio for WooCommerce High 8.2 2024-01-19 14:30:11 Deep Dive
CVE-2024-22027 WordPress Plugin Quiz Maker 安全漏洞 AYS Pro PluginsWordPress Quiz Maker Plugin 中危 -2024-01-12 06:41:29 Deep Dive
CVE-2023-5504 BackWPup <= 4.0.1 - Authenticated (Administrator+) Directory Traversal wp_mediaBackWPup – WordPress Backup & Restore Plugin High 8.7 2024-01-11 08:33:07 Deep Dive
CVE-2023-6875 POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Authorization Bypass via type connect-app API saadiqbalPost SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App Critical 9.8 2024-01-11 08:33:06 Deep Dive
CVE-2023-6828 ARForms <= 1.5.8 - Unauthenticated Stored Cross-Site Scripting via arf_http_referrer_url reputeinfosystemsContact Form, Survey, Quiz & Popup Form Builder – ARForms High 7.2 2024-01-11 08:32:38 Deep Dive
CVE-2023-6567 LearnPress <= 4.2.5.7 - Unauthenticated SQL Injection via order_by thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Critical 9.8 2024-01-11 08:32:37 Deep Dive
CVE-2023-6742 Envira Gallery Lite <= 1.8.7.2 - Missing Authorization to Gallery Modification via envira_gallery_insert_images smubEnvira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & More Medium 4.3 2024-01-11 08:32:33 Deep Dive
CVE-2023-6634 LearnPress <= 4.2.5.7 - Command Injection thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses High 8.1 2024-01-11 08:32:29 Deep Dive
CVE-2023-6223 LearnPress <= 4.2.5.7 - Insecure Direct Object Reference to Information Disclosure thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 4.3 2024-01-11 06:49:32 Deep Dive