| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6369 | Export WP Page to Static HTML/CSS <= 2.1.9 - Missing Authorization via Multiple AJAX Actions | recorp | Export WordPress Pages to Static HTML & PDF — Static Site Export | Medium | 5.4 | 2024-01-11 08:32:34 | Deep Dive |
| CVE-2023-6988 | Colibri Page Builder <= 1.0.239 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-01-11 08:32:31 | Deep Dive |
| CVE-2023-52206 | WordPress Page Builder: Live Composer Plugin <= 1.5.25 is vulnerable to PHP Object Injection | Live Composer Team | Page Builder: Live Composer | High | 7.7 | 2024-01-08 19:32:07 | Deep Dive |
| CVE-2023-52128 | WordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF) | WhiteWP | White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard | Medium | 4.3 | 2024-01-05 08:49:17 | Deep Dive |
| CVE-2023-6738 | PageLayer <= 1.7.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via meta fields | softaculous | Page Builder: Pagelayer – Drag and Drop website builder | Medium | 5.4 | 2024-01-04 03:30:13 | Deep Dive |
| CVE-2023-52131 | WordPress Page Generator Plugin <= 1.7.1 is vulnerable to SQL Injection | WP Zinc | Page Generator | High | 7.6 | 2023-12-31 17:43:59 | Deep Dive |
| CVE-2023-51378 | WordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Rise Themes | Rise Blocks – A Complete Gutenberg Page Builder | Medium | 5.4 | 2023-12-29 12:08:17 | Deep Dive |
| CVE-2023-51402 | WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.17 is vulnerable to Cross Site Request Forgery (CSRF) | Brain Storm Force | Ultimate Addons for WPBakery Page Builder | Medium | 4.3 | 2023-12-29 12:05:58 | Deep Dive |
| CVE-2023-50889 | WordPress Beaver Builder Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS) | The Beaver Builder Team | Beaver Builder – WordPress Page Builder | Medium | 6.5 | 2023-12-29 11:21:56 | Deep Dive |
| CVE-2023-51396 | WordPress Brizy – Page Builder Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS) | Brizy.io | Brizy – Page Builder | Medium | 6.5 | 2023-12-29 10:27:12 | Deep Dive |
| CVE-2023-50833 | WordPress Colibri Page Builder Plugin <= 1.0.239 is vulnerable to Cross Site Scripting (XSS) | ExtendThemes | Colibri Page Builder | Medium | 6.5 | 2023-12-21 17:53:56 | Deep Dive |
| CVE-2023-28788 | WordPress Advanced Page Visit Counter Plugin <= 6.4.2 is vulnerable to SQL Injection | Page Visit Counter | Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress | High | 7.1 | 2023-12-20 17:19:52 | Deep Dive |
| CVE-2023-47530 | WordPress Redirect 404 Error Page to Homepage or Custom Page with Logs Plugin <= 1.8.7 is vulnerable to SQL Injection | WPVibes | Redirect 404 Error Page to Homepage or Custom Page with Logs | High | 7.6 | 2023-12-18 22:57:04 | Deep Dive |
| CVE-2023-47558 | WordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to SQL Injection | Mahlamusa | Who Hit The Page – Hit Counter | High | 7.6 | 2023-12-18 22:53:52 | Deep Dive |
| CVE-2023-50372 | WordPress Custom Post Type Page Template Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) | Hiroaki Miyashita | Custom Post Type Page Template | Medium | 4.3 | 2023-12-18 10:15:29 | Deep Dive |
| CVE-2023-49823 | WordPress Bold Page Builder Plugin <= 4.6.1 is vulnerable to Cross Site Scripting (XSS) | BoldThemes | Bold Page Builder | Medium | 6.5 | 2023-12-15 15:27:52 | Deep Dive |
| CVE-2023-49842 | WordPress Rocket Maintenance Mode & Coming Soon Page Plugin <= 4.3 is vulnerable to Cross Site Scripting (XSS) | wpexpertsio | Rocket Maintenance Mode & Coming Soon Page | Medium | 5.9 | 2023-12-14 16:15:42 | Deep Dive |
| CVE-2023-50370 | WordPress Livemesh Addons for WPBakery Page Builder Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS) | Livemesh | WPBakery Page Builder Addons by Livemesh | Medium | 6.5 | 2023-12-14 13:43:00 | Deep Dive |
| CVE-2023-50371 | WordPress Advanced Page Visit Counter Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS) | Page Visit Counter | Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress | Medium | 6.5 | 2023-12-14 12:57:08 | Deep Dive |
| CVE-2023-48325 | WordPress Landing Page Builder Plugin <= 1.5.1.5 is vulnerable to Open Redirection | PluginOps | Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages | Medium | 4.7 | 2023-12-07 11:32:44 | Deep Dive |