| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-26008 | WordPress Top 10 Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS) | Ajay D'Souza | Top 10 – Popular posts plugin for WordPress | Medium | 5.9 | 2023-03-23 16:48:11 | Deep Dive |
| CVE-2023-28659 | WordPress Plugin Waiting SQL注入漏洞 | - | Waiting: One-click Countdowns WordPress Plugin | 高危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28660 | WordPress Plugin Events Made Easy SQL注入漏洞 | - | Events Made Easy WordPress Plugin | 高危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28661 | WordPress Plugin WP Popup Banners SQL注入漏洞 | - | WP Popup Banners WordPress Plugin | 高危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28662 | WordPress Plugin Gift Cards SQL注入漏洞 | - | Gift Cards (Gift Vouchers and Packages) WordPress Plugin | 超危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28663 | WordPress Plugin Formidable PRO2PDF SQL注入漏洞 | - | Formidable PRO2PDF WordPress Plugin | 高危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28664 | WordPress plugin Meta Data and Taxonomies Filter 跨站脚本漏洞 | - | Meta Data and Taxonomies Filter WordPress Plugin | 中危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28665 | WordPress plugin Woo Bulk Price Update 跨站脚本漏洞 | - | Woo Bulk Price Update WordPress Plugin | 中危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28666 | WordPress plugin InPost Gallery 跨站脚本漏洞 | - | InPost Gallery WordPress Plugin | 中危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-28667 | WordPress Plugin Lead Generated 代码问题漏洞 | - | Lead Generated WordPress Plugin | 超危 | - | 2023-03-22 00:00:00 | Deep Dive |
| CVE-2023-0911 | Shortcodes Ultimate < 5.12.8 - Subscriber+ User Meta Disclosure | Unknown | WordPress Shortcodes Plugin — Shortcodes Ultimate | 中危 | - | 2023-03-20 15:52:24 | Deep Dive |
| CVE-2023-0890 | Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access | Unknown | WordPress Shortcodes Plugin — Shortcodes Ultimate | 中危 | - | 2023-03-20 15:52:16 | Deep Dive |
| CVE-2023-0175 | Smart Logo Showcase Lite <= 1.1.9 - Contributor+ Stored XSS | Unknown | Responsive Clients Logo Gallery Plugin for WordPress | 中危 | - | 2023-03-20 15:52:09 | Deep Dive |
| CVE-2023-1470 | eCommerce Product Catalog plugin for WordPress <= 3.3.8 - Authenticated (Administrator+) Stored Cross-Site Scripting | implecode | eCommerce Product Catalog Plugin for WordPress | Medium | 4.4 | 2023-03-17 13:13:15 | Deep Dive |
| CVE-2023-1172 | WordPress Plugin Bookly 跨站脚本漏洞 | ladela | WordPress Online Booking and Scheduling Plugin – Bookly | High | 7.2 | 2023-03-17 12:20:31 | Deep Dive |
| CVE-2023-1374 | Solidres <= 0.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting | solidres | Solidres – Hotel booking plugin for WordPress | Medium | 4.4 | 2023-03-13 12:31:14 | Deep Dive |
| CVE-2022-4932 | Total Upkeep <= 1.14.13 - Missing Authorization to Authenticated (Subscriber+) Information Disclosure | boldgrid | Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid | Medium | 4.3 | 2023-03-07 14:47:47 | Deep Dive |
| CVE-2023-0084 | Metform Elementor Contact Form Builder <= 3.1.2 - Unauthenticated Stored Cross-Site Scripting | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | High | 7.2 | 2023-03-02 18:35:22 | Deep Dive |
| CVE-2023-0085 | Metform Elementor Contact Form Builder <= 3.2.1 - reCaptcha Protection Bypass | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.3 | 2023-03-02 16:01:14 | Deep Dive |
| CVE-2022-38468 | WordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF) | Imagely | WordPress Gallery Plugin – NextGEN Gallery | Medium | 4.3 | 2023-03-01 13:02:02 | Deep Dive |