| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-1396 | Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' | averta | Shortcodes and extra features for Phlox theme | Medium | 6.4 | 2024-05-02 16:52:08 | Deep Dive |
| CVE-2024-3341 | Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode | averta | Shortcodes and extra features for Phlox theme | Medium | 6.4 | 2024-05-02 16:51:59 | Deep Dive |
| CVE-2024-1348 | Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS | averta | Shortcodes and extra features for Phlox theme | Medium | 6.4 | 2024-05-02 16:51:45 | Deep Dive |
| CVE-2024-1357 | Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode | averta | Shortcodes and extra features for Phlox theme | Medium | 6.4 | 2024-04-16 09:33:00 | Deep Dive |
| CVE-2024-1999 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.25 - Authenticated (Contributor+) Stored Cross-Site Scripting via Testimonial Widget | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-04-09 18:59:16 | Deep Dive |
| CVE-2023-6964 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.1.26 - Authenticated(Contributor+) Server-Side Request Forgery (SSRF) | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | High | 8.5 | 2024-04-09 18:59:15 | Deep Dive |
| CVE-2024-0598 | Gutenberg Blocks by Kadence Blocks <= 3.2.17 - Authenticated(Editor+) Stored Cross-Site Scripting via Contact Form Message Settings | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 4.4 | 2024-04-09 18:59:07 | Deep Dive |
| CVE-2024-2919 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via CountUp Widget | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-04-04 02:32:40 | Deep Dive |
| CVE-2024-31099 | WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability | Averta | Shortcodes and extra features for Phlox theme | Medium | 6.4 | 2024-04-01 14:07:10 | Deep Dive |
| CVE-2024-1541 | Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.23 - Authenticated (Contributor+) Stored Cross-Site Scripting | stellarwp | Kadence Blocks — Page Builder Toolkit for Gutenberg Editor | Medium | 6.4 | 2024-03-13 15:27:16 | Deep Dive |
| CVE-2022-40700 | Server Side Request Forgery (SSRF) vulnerability affecting multiple WordPress plugins | Montonio | Montonio for WooCommerce | High | 8.2 | 2024-01-19 14:30:11 | Deep Dive |
| CVE-2023-50368 | WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) | Averta | Shortcodes and extra features for Phlox theme | Medium | 6.5 | 2023-12-14 13:56:07 | Deep Dive |
| CVE-2015-10104 | Icons for Features Plugin class-icons-for-features-admin.php redirect | - | Icons for Features Plugin | Low | 3.5 | 2023-04-30 20:31:03 | Deep Dive |
| CVE-2022-3359 | Shortcodes and extra features for Phlox theme < 2.10.7 - PHP Objection Injection | Unknown | Shortcodes and extra features for Phlox theme | 高危 | - | 2022-12-12 17:54:32 | Deep Dive |
| CVE-2022-1910 | Shortcodes and extra features for Phlox theme < 2.9.8 - Reflected Cross-Site-Scripting | Unknown | Shortcodes and extra features for Phlox theme | 中危 | - | 2022-07-11 12:56:28 | Deep Dive |
| CVE-2013-4318 | features Ruby Gem ‘/tmp/out.html’ 注入漏洞 | Features | Features | 中危 | - | 2019-12-26 20:49:22 | Deep Dive |