| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-0958 | Inisev Plugins (Various Versions) - Missing Authorization on handle_installation function | inisev | Redirection | Medium | 4.3 | 2023-07-28 04:37:04 | Deep Dive |
| CVE-2023-3977 | Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function | inisev | Redirection | Medium | 4.3 | 2023-07-28 04:37:03 | Deep Dive |
| CVE-2023-33329 | WordPress Custom Post Type Generator Plugin <= 2.4.2 is vulnerable to Cross Site Scripting (XSS) | Hijiri | Custom Post Type Generator | Medium | 5.9 | 2023-07-18 17:15:07 | Deep Dive |
| CVE-2023-3179 | POST SMTP Mailer < 2.5.7 - Account Takeover via CSRF | Unknown | POST SMTP Mailer | 高危 | - | 2023-07-17 13:29:54 | Deep Dive |
| CVE-2021-4422 | POST SMTP Mailer <= 2.0.20 - Cross-Site Request Forgery Bypass | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | Medium | 4.3 | 2023-07-12 06:52:35 | Deep Dive |
| CVE-2023-3082 | Post SMTP <= 2.5.7 - Unauthenticated Stored Cross-Site Scripting via Email | saadiqbal | Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App | High | 7.2 | 2023-07-12 04:38:46 | Deep Dive |
| CVE-2020-36739 | Feed Them Social – Page, Post, Video, and Photo Galleries <= 2.8.6 - Cross-Site Request Forgery Bypass | slickremix | Feed Them Social – Social Media Feeds, Video, and Photo Galleries | Medium | 4.3 | 2023-07-01 03:30:13 | Deep Dive |
| CVE-2023-27413 | WordPress W4 Post List Plugin <= 2.4.4 is vulnerable to Cross Site Scripting (XSS) | Shazzad Hossain Khan | W4 Post List | Medium | 6.5 | 2023-06-22 07:42:22 | Deep Dive |
| CVE-2023-1016 | Intuitive Custom Post Order <= 3.1.4.1 - Authenticated (Admin+) SQL Injection | hijiri | Intuitive Custom Post Order | Medium | 6.6 | 2023-06-09 05:33:36 | Deep Dive |
| CVE-2023-2237 | WP Replicate Post <= 4.0.2 - Authenticated (Contributor+) SQL Injection | yudiz | WP Replicate Post | High | 8.8 | 2023-06-09 05:33:24 | Deep Dive |
| CVE-2020-36699 | Quick Page/Post Redirect Plugin <= 5.1.9 - Redirect Security Bypass | anadnet | Quick Page/Post Redirect Plugin | Medium | 4.3 | 2023-06-07 01:51:13 | Deep Dive |
| CVE-2022-4946 | Frontend Post WordPress Plugin <= 2.8.4 - Contributor+ Arbitrary Redirect | Unknown | Frontend Post WordPress Plugin | 中危 | - | 2023-06-05 13:39:01 | Deep Dive |
| CVE-2023-2503 | 10WebSocial < 1.2.9 - Reflected XSS | Unknown | 10Web Social Post Feed | 中危 | - | 2023-06-05 13:38:58 | Deep Dive |
| CVE-2023-1661 | Display post meta, term meta, comment meta, and user meta <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | trasweb | Display post meta, term meta, comment meta, and user meta | Medium | 6.4 | 2023-05-31 03:36:10 | Deep Dive |
| CVE-2022-46853 | WordPress The Post Grid Plugin <= 5.0.4 is vulnerable to Cross Site Request Forgery (CSRF) | RadiusTheme | The Post Grid | Medium | 4.3 | 2023-05-23 13:12:14 | Deep Dive |
| CVE-2022-32970 | WordPress Themify Portfolio Post Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) | Themify | Themify Portfolio Post | Medium | 4.1 | 2023-05-10 08:56:39 | Deep Dive |
| CVE-2023-23862 | WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Scripting (XSS) | Gopi Ramasamy | Vertical scroll recent post | Medium | 6.5 | 2023-05-09 10:11:45 | Deep Dive |
| CVE-2023-0526 | Post Shortcode <= 2.0.9 - Contributor+ Stored Cross-Site Scripting | Unknown | Post Shortcode | 中危 | - | 2023-05-08 13:58:25 | Deep Dive |
| CVE-2023-0542 | Custom Post Type List Shortcode <= 1.4.4 - Contributor+ Stored XSS | Unknown | Custom Post Type List Shortcode | 中危 | - | 2023-05-08 13:58:12 | Deep Dive |
| CVE-2023-1623 | Custom Post Type UI < 1.13.5 - Debug Info Sending via CSRF | Unknown | Custom Post Type UI | 中危 | - | 2023-04-24 18:31:01 | Deep Dive |