| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-45078 | WordPress User Blocker Plugin <= 1.5.5 is vulnerable to CSV Injection | Solwin Infotech | User Blocker | Medium | 5.9 | 2023-11-07 17:05:59 | Deep Dive |
| CVE-2022-45350 | WordPress Simple History Plugin <= 3.3.1 is vulnerable to CSV Injection | Pär Thernström | Simple History – user activity log, audit tool | Medium | 5.8 | 2023-11-07 15:05:07 | Deep Dive |
| CVE-2023-5228 | User Registration < 3.0.4.2 - Admin+ Stored XSS | Unknown | User Registration | 低危 | - | 2023-11-06 20:40:46 | Deep Dive |
| CVE-2023-37966 | WordPress User Activity Log Plugin <= 1.6.2 is vulnerable to SQL Injection | Solwin Infotech | User Activity Log | 超危 | - | 2023-10-31 14:57:14 | Deep Dive |
| CVE-2023-32738 | WordPress Eonet Manual User Approve Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS) | Alkaweb | Eonet Manual User Approve | Medium | 5.9 | 2023-10-27 20:16:56 | Deep Dive |
| CVE-2023-46153 | WordPress User Feedback Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS) | UserFeedback Team | User Feedback | High | 7.1 | 2023-10-27 07:39:17 | Deep Dive |
| CVE-2023-46202 | WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF) | Jeff Sherk | Auto Login New User After Registration | Medium | 4.3 | 2023-10-24 10:51:02 | Deep Dive |
| CVE-2020-36754 | Paid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery Bypass | strangerstudios | Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | Medium | 4.3 | 2023-10-20 07:29:35 | Deep Dive |
| CVE-2023-3996 | ARMember Lite - Membership Plugin <= 4.0.16 - Authenticated (Administrator+) Stored Cross-Site Scripting | reputeinfosystems | ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup | Medium | 4.4 | 2023-10-20 07:29:30 | Deep Dive |
| CVE-2023-31217 | WordPress User Location and IP Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) | MyTechTalky | User Location and IP | Medium | 6.5 | 2023-10-18 12:47:55 | Deep Dive |
| CVE-2023-45056 | WordPress Open User Map | Everybody can add locations Plugin <= 1.3.26 is vulnerable to Cross Site Scripting (XSS) | 100plugins | Open User Map | Medium | 5.9 | 2023-10-18 08:14:23 | Deep Dive |
| CVE-2023-5133 | User Activity Log Pro < 2.3.4 - IP Spoofing | Unknown | user-activity-log-pro | 高危 | - | 2023-10-16 19:39:18 | Deep Dive |
| CVE-2023-4798 | User Avatar - Reloaded < 1.2.2 - Contributor+ Stored XSS | Unknown | User Avatar | 中危 | - | 2023-10-16 19:39:10 | Deep Dive |
| CVE-2023-5167 | User Activity Log Pro < 2.3.4 - Unauthenticated Stored Cross-Site Scripting via User Agent | Unknown | user-activity-log-pro | 中危 | - | 2023-10-16 19:39:01 | Deep Dive |
| CVE-2023-39308 | WordPress User Feedback Plugin <= 1.0.7 is vulnerable to Cross Site Scripting (XSS) | UserFeedback Team | User Feedback | High | 7.1 | 2023-09-29 13:59:40 | Deep Dive |
| CVE-2023-4915 | WP User Control <= 1.5.3 - Insecure Password Reset Mechanism | wmsedgar | WP User Control | Medium | 5.3 | 2023-09-13 02:54:13 | Deep Dive |
| CVE-2023-4307 | Lock User Account <= 1.0.3 - Arbitrary Account Lock/Unlock via CSRF | Unknown | Lock User Account | 中危 | - | 2023-09-11 19:46:05 | Deep Dive |
| CVE-2023-4779 | User Submitted Posts – Enable Users to Submit Posts from the Front End <= 20230811 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | specialk | User Submitted Posts – Enable Users to Submit Posts from the Front End | Medium | 6.4 | 2023-09-06 06:41:22 | Deep Dive |
| CVE-2023-4279 | User Activity Log < 1.6.7 - IP Spoofing | Unknown | User Activity Log | 高危 | - | 2023-09-04 11:27:04 | Deep Dive |
| CVE-2023-4269 | User Activity Log < 1.6.6 - Subscriber+ Log Export | Unknown | User Activity Log | 中危 | - | 2023-09-04 11:26:56 | Deep Dive |