Vulnerability List - Page 3

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2024-34549	WordPress WP Job Manager plugin <= 2.2.2 - Sensitive Data Exposure vulnerability	Automattic	WP Job Manager	Medium	5.3	2024-05-09 12:12:22	Deep Dive
CVE-2023-47774	WordPress Jetpack plugin < 12.7 - Auth. Iframe Injection vulnerability	Automattic	Jetpack	Medium	5.4	2024-04-24 15:58:40	Deep Dive
CVE-2023-52211	WordPress WP Job Manager plugin <= 2.0.0 - Broken Access Control vulnerability	Automattic	WP Job Manager	Medium	5.3	2024-04-12 14:33:32	Deep Dive
CVE-2024-22155	WordPress WooCommerce plugin <= 8.5.2 - Cross Site Request Forgery (CSRF) vulnerability	Automattic	WooCommerce	Medium	4.3	2024-04-07 17:56:06	Deep Dive
CVE-2023-51489	WordPress Crowdsignal Polls & Ratings plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerability	Automattic, Inc.	Crowdsignal Dashboard – Polls, Surveys & more	Medium	5.4	2024-03-16 01:01:34	Deep Dive
CVE-2023-50875	WordPress Sensei LMS Plugin <= 4.17.0 is vulnerable to Cross Site Scripting (XSS)	Automattic	Sensei LMS – Online Courses, Quizzes, & Learning	Medium	6.5	2024-02-12 06:50:04	Deep Dive
CVE-2023-51488	WordPress Crowdsignal Dashboard – Polls, Surveys & more Plugin <= 3.0.11 is vulnerable to Cross Site Scripting (XSS)	Automattic, Inc.	Crowdsignal Dashboard – Polls, Surveys & more	High	7.1	2024-02-10 08:27:19	Deep Dive
CVE-2023-52222	WordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF)	Automattic	WooCommerce	Medium	4.3	2024-01-08 18:53:05	Deep Dive
CVE-2023-51503	WordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR)	Automattic	WooPayments – Fully Integrated Solution Built and Supported by Woo	Medium	5.9	2023-12-31 17:59:28	Deep Dive
CVE-2023-50879	WordPress WordPress.com Editing Toolkit Plugin <= 3.78784 is vulnerable to Cross Site Scripting (XSS)	Automattic	WordPress.com Editing Toolkit	Medium	6.5	2023-12-29 11:31:25	Deep Dive
CVE-2023-35915	WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to SQL Injection	Automattic	WooPayments – Fully Integrated Solution Built and Supported by Woo	High	7.6	2023-12-20 15:15:38	Deep Dive
CVE-2023-35916	WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR)	Automattic	WooPayments – Fully Integrated Solution Built and Supported by Woo	High	7.5	2023-12-20 15:12:38	Deep Dive
CVE-2023-49828	WordPress WooCommerce Payments Plugin <= 6.4.2 is vulnerable to Cross Site Scripting (XSS)	Automattic	WooPayments – Fully Integrated Solution Built and Supported by Woo	Medium	6.5	2023-12-14 14:29:47	Deep Dive
CVE-2023-45050	WordPress Jetpack Plugin <= 12.8-a.1 is vulnerable to Cross Site Scripting (XSS)	Automattic	Jetpack – WP Security, Backup, Speed, & Growth	Medium	6.5	2023-11-30 12:07:42	Deep Dive
CVE-2023-47777	WordPress WooCommerce and WooCommerce Blocks plugins - Auth. Cross-Site Scripting (XSS) vulnerability	Automattic	WooCommerce	Medium	6.5	2023-11-30 11:56:54	Deep Dive
CVE-2022-3342	Jetpack CRM <= 5.3.1 - Cross-Site Request Forgery and PHAR Deserialization	automattic	Jetpack CRM – Clients, Leads, Invoices, Billing, Email Marketing, & Automation	High	7.5	2023-10-20 07:29:24	Deep Dive
CVE-2023-3696	Prototype Pollution in automattic/mongoose	automattic	automattic/mongoose	超危	-	2023-07-17 00:00:21	Deep Dive
CVE-2023-27429	WordPress Jetpack CRM Plugin <= 5.4.4 is vulnerable to Cross Site Scripting (XSS)	Automattic - Jetpack CRM team	Jetpack CRM	Medium	5.9	2023-06-21 13:19:21	Deep Dive
CVE-2023-1912	Limit Login Attempts <= 1.7.1 - Unauthenticated Stored Cross-Site Scripting	automattic	Limit Login Attempts	High	7.2	2023-04-06 14:37:58	Deep Dive
CVE-2022-45069	WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability	Automattic, Inc.	Crowdsignal Dashboard – Polls, Surveys & more (WordPress plugin)	Medium	6.3	2022-11-17 22:18:39	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List - Page 3