| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-12846 | Emlog Pro link.php cross site scripting | - | Emlog Pro | Medium | 4.3 | 2024-12-21 05:00:11 | Deep Dive |
| CVE-2024-12845 | Emlog Pro common.php cross site scripting | - | Emlog Pro | Low | 3.5 | 2024-12-20 21:31:04 | Deep Dive |
| CVE-2024-12844 | Emlog Pro store.php cross site scripting | - | Emlog Pro | Medium | 4.3 | 2024-12-20 21:00:20 | Deep Dive |
| CVE-2024-12843 | Emlog Pro plugin.php cross site scripting | - | Emlog Pro | Medium | 4.3 | 2024-12-20 20:31:05 | Deep Dive |
| CVE-2024-12842 | Emlog Pro user.php cross site scripting | - | Emlog Pro | Medium | 4.3 | 2024-12-20 20:00:14 | Deep Dive |
| CVE-2024-12841 | Emlog Pro tag.php cross site scripting | - | Emlog Pro | Medium | 4.3 | 2024-12-20 18:31:05 | Deep Dive |
| CVE-2020-9250 | Micro Focus Vibe 跨站脚本漏洞 | Huawei | HUAWEI Mate 20 Pro | Low | 3.3 | 2024-12-20 01:50:07 | Deep Dive |
| CVE-2024-12331 | File Manager Pro – Filester <= 1.8.6 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin Installation | ninjateam | File Manager Pro – Filester | Medium | 4.3 | 2024-12-19 11:14:15 | Deep Dive |
| CVE-2024-11999 | Schneider Electric多款产品 安全漏洞 | Schneider Electric | Harmony (Formerly Magelis) HMIST6, HMISTM6, HMIG3U, HMIG3X, HMISTO7 series with EcoStruxure Operator Terminal Expert runtime | High | 8.8 | 2024-12-17 06:13:01 | Deep Dive |
| CVE-2024-9624 | WP All Import Pro <= 4.9.3 - Authenticated (Administrator+) Server-Side Request Forgery via File Import | Soflyy | WP All Import Pro | High | 7.6 | 2024-12-17 05:23:41 | Deep Dive |
| CVE-2024-54285 | WordPress SeedProd Pro plugin <= 6.18.13 - Remote Code Execution (RCE) vulnerability | SeedProd LLC | SeedProd Pro | Critical | 9.1 | 2024-12-16 15:50:15 | Deep Dive |
| CVE-2024-54284 | WordPress SeedProd Pro plugin < 6.18.13 - SQL Injection vulnerability | SeedProd LLC | SeedProd Pro | High | 7.6 | 2024-12-16 15:47:32 | Deep Dive |
| CVE-2024-54283 | WordPress SeedProd Pro plugin < 6.18.13 - SQL Injection vulnerability | SeedProd LLC | SeedProd Pro | High | 7.6 | 2024-12-16 15:46:35 | Deep Dive |
| CVE-2024-37251 | WordPress Advanced Custom Fields Pro plugin < 6.3.2 - Cross-Site Request Forgery (CSRF) vulnerability | WPENGINE, INC. | Advanced Custom Fields PRO | Medium | 4.3 | 2024-12-16 15:03:39 | Deep Dive |
| CVE-2024-55978 | WordPress Code Generator Pro plugin <= 1.2 - SQL Injection vulnerability | WalletStation | Code Generator Pro | Critical | 9.3 | 2024-12-16 14:31:21 | Deep Dive |
| CVE-2024-54386 | WordPress Push Monkey Pro plugin <= 3.9 - CSRF to Stored XSS vulnerability | pushmonkey | Push Monkey Pro – Web Push Notifications and WooCommerce Abandoned Cart | High | 7.1 | 2024-12-16 14:14:08 | Deep Dive |
| CVE-2024-54256 | WordPress Easy Blocks pro plugin <= 1.0.21 - Broken Access Control vulnerability | Seerox | Easy Blocks pro | High | 7.1 | 2024-12-13 14:24:40 | Deep Dive |
| CVE-2023-41865 | WordPress Slider Pro plugin <= 4.8.6 - Broken Access Control vulnerability | bqworks | Slider Pro | Medium | 4.3 | 2024-12-13 14:24:22 | Deep Dive |
| CVE-2023-32601 | WordPress Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.12 - Broken Access Control vulnerability | Deetronix | Booking Ultra Pro | Medium | 5.4 | 2024-12-13 14:23:27 | Deep Dive |
| CVE-2023-22697 | WordPress Survey Maker plugin <= 3.2.0 - Broken Access Control vulnerability | Ays Pro | Survey Maker | Medium | 5.3 | 2024-12-13 14:22:13 | Deep Dive |