Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 25

Clear Filters
Found 623 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-39162 WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS) XLPluginsUser Email Verification for WooCommerce High 7.1 2023-09-04 09:46:44 Deep Dive
CVE-2023-3404 ProfileGrid <= 5.5.0 - Hardcoded Encryption Key metagaussProfileGrid – User Profiles, Groups and Communities Medium 4.9 2023-08-31 05:33:10 Deep Dive
CVE-2023-4150 User Activity Tracking and Log < 4.0.9 - License Update/Deactivation via CSRF UnknownUser Activity Tracking and Log 中危 -2023-08-30 14:22:05 Deep Dive
CVE-2022-1601 User Access Manager < 2.2.18 - IP Spoofing UnknownUser Access Manager 中危 -2023-08-30 14:22:04 Deep Dive
CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content' specialkUser Submitted Posts – Enable Users to Submit Posts from the Front End High 7.2 2023-08-15 07:32:37 Deep Dive
CVE-2023-3435 User Activity Log < 1.6.5 - Unauthenticated SQLi UnknownUser Activity Log 超危 -2023-08-14 19:10:19 Deep Dive
CVE-2023-2761 User Activity Log < 1.6.3 - Admin+ SQL Injection UnknownUser Activity Log 高危 -2023-07-24 10:20:26 Deep Dive
CVE-2023-3403 ProfileGrid <= 5.5.1 - Missing Authorization to User Import metagaussProfileGrid – User Profiles, Groups and Communities Medium 5.4 2023-07-18 02:39:26 Deep Dive
CVE-2023-3714 ProfileGrid <= 5.5.2 - Missing Authorization to Arbitrary Group Option Modification and Privilege Escalation metagaussProfileGrid – User Profiles, Groups and Communities High 7.5 2023-07-18 02:39:26 Deep Dive
CVE-2023-3713 ProfileGrid <= 5.5.1 - Authenticated (Subscriber+) Arbitrary Option Update metagaussProfileGrid – User Profiles, Groups and Communities High 8.8 2023-07-18 02:39:25 Deep Dive
CVE-2023-27424 WordPress Inactive User Deleter Plugin <= 1.59 is vulnerable to Cross Site Request Forgery (CSRF) Korol Yuriy aka ShraInactive User Deleter Medium 5.4 2023-07-17 12:17:34 Deep Dive
CVE-2023-3342 User Registration <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Upload wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Critical 9.9 2023-07-13 02:04:15 Deep Dive
CVE-2023-3343 User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder High 8.8 2023-07-13 02:04:15 Deep Dive
CVE-2023-3011 ARMember <= 4.0.5 - Cross-Site Request Forgery reputeinfosystemsARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup Medium 6.5 2023-07-12 04:38:44 Deep Dive
CVE-2023-1298 ServiceNow 跨站脚本漏洞 ServiceNowNow User Experience Medium 4.3 2023-07-06 17:13:28 Deep Dive
CVE-2023-35878 WordPress Extra User Details Plugin <= 0.5 is vulnerable to Cross Site Scripting (XSS) Vadym K.Extra User Details Medium 5.9 2023-06-20 07:57:09 Deep Dive
CVE-2019-25138 User Submitted Posts <= 20190312 - Unauthenticated Arbitrary File Upload specialkUser Submitted Posts – Enable Users to Submit Posts from the Front End Critical 9.8 2023-06-07 01:51:22 Deep Dive
CVE-2023-2546 WP User Switch <= 1.0.2 - Authenticated (Subscriber+) Authentication Bypass via Cookie iqbalronyWP User Switch High 8.8 2023-06-06 01:55:08 Deep Dive
CVE-2023-2781 User Email Verification for WooCommerce <= 3.5.0 - Authentication Bypass sandeepsoni214User Email Verification for WooCommerce High 8.1 2023-06-02 23:37:57 Deep Dive
CVE-2023-1661 Display post meta, term meta, comment meta, and user meta <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting traswebDisplay post meta, term meta, comment meta, and user meta Medium 6.4 2023-05-31 03:36:10 Deep Dive