| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-60210 | WordPress Everest Forms - Frontend Listing plugin <= 1.0.5 - PHP Object Injection Vulnerability | wpeverest | Everest Forms - Frontend Listing | - | - | 2025-10-22 14:32:43 | Deep Dive |
| CVE-2025-11380 | Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | Medium | 5.9 | 2025-10-11 02:24:52 | Deep Dive |
| CVE-2025-59399 | libocpp 安全漏洞 | EVerest | libocpp | Low | 3.1 | 2025-09-15 00:00:00 | Deep Dive |
| CVE-2025-59398 | libocpp 安全漏洞 | EVerest | libocpp | Low | 3.1 | 2025-09-15 00:00:00 | Deep Dive |
| CVE-2025-5927 | Everest Forms (Pro) <= 1.9.4 - Unauthenticated Path Traversal to Arbitrary File Deletion | WPEverest | Everest Forms Pro | High | 7.5 | 2025-06-25 09:21:41 | Deep Dive |
| CVE-2025-49238 | WordPress Everest Backup plugin <= 2.3.3 - Cross Site Request Forgery (CSRF) Vulnerability | everestthemes | Everest Backup | Medium | 4.3 | 2025-06-06 12:53:33 | Deep Dive |
| CVE-2024-8542 | Everest Forms < 3.0.3.1 - Admin+ Stored XSS | Unknown | Everest Forms | - | - | 2025-05-15 20:07:16 | Deep Dive |
| CVE-2025-3421 | Everest Forms <= 3.1.1 - Reflected Cross-Site Scripting | wpeverest | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | Medium | 6.1 | 2025-04-11 12:42:25 | Deep Dive |
| CVE-2025-3439 | Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress <= 3.1.1 - Unauthenticated PHP Object Injection | wpeverest | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | Critical | 9.8 | 2025-04-11 12:42:24 | Deep Dive |
| CVE-2025-3422 | Everest Forms <= 3.1.1 - Authenticated (Subscriber+) Arbitrary Shortcode Execution | wpeverest | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | Medium | 5.4 | 2025-04-11 12:42:24 | Deep Dive |
| CVE-2025-1128 | Everest Forms <= 3.0.9.4 - Unauthenticated Arbitrary File Upload, Read, and Deletion | wpeverest | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | Critical | 9.8 | 2025-02-25 06:58:31 | Deep Dive |
| CVE-2024-13125 | Everest Forms < 3.0.8.1 - Admin+ Stored XSS | Unknown | Everest Forms | 中危 | - | 2025-02-13 06:00:12 | Deep Dive |
| CVE-2024-10471 | Everest Forms < 3.0.4.2 - Admin+ Stored XSS | Unknown | Everest Forms | - | - | 2024-11-26 06:00:07 | Deep Dive |
| CVE-2024-10028 | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin <= 2.2.13 - Sensitive Invormation Disclosure via procstat Log | everestthemes | Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin | High | 7.5 | 2024-11-05 23:28:42 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-37310 | EVerest has an integer overflow in the "v2g_incoming_v2gtp" function | EVerest | everest-core | Critical | 9.0 | 2024-07-10 19:39:37 | Deep Dive |
| CVE-2023-51377 | WordPress Everest Forms plugin <= 2.0.3 - Broken Access Control vulnerability | WPEverest | Everest Forms | Medium | 5.3 | 2024-06-14 05:45:05 | Deep Dive |
| CVE-2024-32531 | WordPress GuCherry Blog theme <= 1.1.8 - Reflected Cross Site Scripting (XSS) vulnerability | Everest themes | GuCherry Blog | High | 7.1 | 2024-04-17 09:31:11 | Deep Dive |
| CVE-2023-7201 | Everest Backup < 2.2.5 - Admin+ Arbitrary File Upload | Unknown | Everest Backup | - | - | 2024-04-15 05:00:02 | Deep Dive |
| CVE-2024-1812 | Everest Forms <= 2.0.7 - Unauthenticated Server-Side Request Forgery via font_url | wpeverest | Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder | High | 7.2 | 2024-04-09 18:59:24 | Deep Dive |