Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 148 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-23675 WordPress Import Users to MailChimp plugin <= 1.0 - CSRF to Stored XSS vulnerability Sana UllahImport Users to MailChimp High 7.1 2025-01-16 20:06:41 Deep Dive
CVE-2023-27428 WordPress WP users media plugin <= 4.2.3 - Broken Access Control vulnerability DamirCalusicWP users media Medium 5.4 2024-12-09 11:31:24 Deep Dive
CVE-2024-11374 TWChat – Send or receive messages from users <= 4.0.4 - Reflected Cross-Site Scripting rezaplusTWChat – Send or receive messages from users Medium 6.1 2024-12-07 09:27:04 Deep Dive
CVE-2024-9887 Login using WordPress Users ( WP as SAML IDP ) <= 1.15.6 - Authenticated (Administrator+) SQL Injection cyberlord92SAML IDP (Identity Provider) – Login with Website Users High 7.2 2024-11-16 09:36:34 Deep Dive
CVE-2024-43982 WordPress Login As Users plugin <= 1.4.3 - Broken Access Control to Account Takeover vulnerability Geek Code LabLogin As Users High 8.8 2024-11-01 14:17:12 Deep Dive
CVE-2024-50413 WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability Javier CarazoImport and export users and customers Medium 5.9 2024-10-29 08:47:50 Deep Dive
CVE-2019-25213 Advanced Access Manager <= 5.9.8.1 - Unauthenticated Arbitrary File Read vasyltechAdvanced Access Manager – Access Governance for WordPress Critical 9.8 2024-10-16 06:43:32 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-9522 WP Users Masquerade <= 2.0.0 - Authenticated (Subscriber+) Authentication Bypass lagunaiswWP Users Masquerade High 8.8 2024-10-10 02:06:06 Deep Dive
CVE-2024-44015 WordPress Users Control plugin <= 1.0.16 - Local File Inclusion vulnerability istmopluginsUsers Control High 7.5 2024-10-05 10:57:01 Deep Dive
CVE-2024-7607 Front End Users <= 3.2.28 - Authenticated (Contributor+) Time-Based SQL Injection rustauriusFront End Users High 8.8 2024-08-29 05:30:58 Deep Dive
CVE-2024-7606 Front End Users <= 3.2.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode rustauriusFront End Users Medium 6.4 2024-08-29 05:30:56 Deep Dive
CVE-2024-43311 WordPress Login As Users plugin <= 1.4.2 - Broken Authentication vulnerability Geek Code LabLogin As Users Critical 9.8 2024-08-19 19:20:47 Deep Dive
CVE-2024-38787 WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerability Javier CarazoImport and export users and customers High 7.5 2024-08-13 10:33:21 Deep Dive
CVE-2024-38760 WordPress Send Users Email plugin <= 1.5.1 - Sensitive Data Exposure vulnerability David MaucherSend Users Email Medium 5.3 2024-08-13 10:32:09 Deep Dive
CVE-2024-5997 Duplica <= 0.6 - Authenticated (Subscriber+) Missing Authorization to Users/Posts Duplicates Creation codexpertDuplica – Duplicate Posts, Pages, Custom Posts or Users Medium 4.3 2024-07-18 21:32:36 Deep Dive
CVE-2024-34815 WordPress Import and export users and customers plugin <= 1.26.5 - Broken Access Control vulnerability Javier CarazoImport and export users and customers Medium 5.4 2024-06-11 16:18:06 Deep Dive
CVE-2024-22151 WordPress Import and export users and customers plugin <= 1.24.6 - Broken Access Control vulnerability CodectionImport and export users and customers Medium 5.3 2024-06-08 16:19:33 Deep Dive
CVE-2024-4656 Import and export users and customers <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting carazoImport and export users and customers Medium 4.4 2024-05-15 01:56:55 Deep Dive
CVE-2024-4734 Import and export users and customers <= 1.26.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting carazoImport and export users and customers Medium 4.4 2024-05-15 01:56:53 Deep Dive