| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-24986 | Post Grid < 2.1.16 - Reflected Cross-Site Scripting via keyword | Unknown | Post Grid | 中危 | - | 2022-04-11 14:40:35 | Deep Dive |
| CVE-2022-0748 | Arbitrary Code Execution | - | post-loader | Critical | 9.8 | 2022-03-17 11:21:02 | Deep Dive |
| CVE-2021-33852 | WordPress Plugin Post-Duplicator Plugin 跨站脚本漏洞 | - | WordPress Post Duplicator Plugin | 中危 | - | 2022-03-09 16:54:43 | Deep Dive |
| CVE-2021-25010 | Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting | Unknown | Post Snippets | 超危 | - | 2022-02-28 09:06:28 | Deep Dive |
| CVE-2021-25075 | Duplicate Page or Post < 1.5.1 - Arbitrary Settings Update to Stored XSS | Unknown | Duplicate Page or Post | 低危 | - | 2022-02-21 10:45:50 | Deep Dive |
| CVE-2021-24867 | Backdoored Plugins & Themes from AccessPress Themes | AccessPress Themes | Frontend Post WordPress Plugin – AccessPress Anonymous Post | 超危 | - | 2022-02-21 10:45:39 | Deep Dive |
| CVE-2022-0200 | Themify Portfolio Post < 1.1.7 - Reflected Cross-Site Scripting | Unknown | Themify Portfolio Post | 中危 | - | 2022-02-14 09:21:03 | Deep Dive |
| CVE-2021-25076 | WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site Scripting | Unknown | WP User Frontend – Membership, Profile, Registration & Post Submission Plugin for WordPress | 高危 | - | 2022-01-24 08:01:24 | Deep Dive |
| CVE-2021-24733 | WP Post Page Clone < 1.2 - Unauthorised Post Access | Unknown | WP Post Page Clone | 中危 | - | 2022-01-24 08:00:49 | Deep Dive |
| CVE-2021-25065 | Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting (XSS) | Unknown | Smash Balloon Social Post Feed | 中危 | - | 2022-01-17 13:00:40 | Deep Dive |
| CVE-2021-24956 | Blog2Social < 6.8.7 - Reflected Cross-Site Scripting | Unknown | Blog2Social: Social Media Auto Post & Scheduler | 中危 | - | 2021-12-21 08:45:39 | Deep Dive |
| CVE-2021-39315 | Magic Post Voice <= 1.2 Reflected Cross-Site Scripting | Magic Post Voice | Magic Post Voice | Medium | 6.1 | 2021-12-14 15:50:09 | Deep Dive |
| CVE-2021-24932 | Auto Featured Image < 3.9.3 - Reflected Cross-Site Scripting | Unknown | Auto Featured Image (Auto Post Thumbnail) | 中危 | - | 2021-12-13 10:41:22 | Deep Dive |
| CVE-2021-24855 | Display Post Metadata < 1.5.0 - Contributor+ Stored Cross-Site Scripting | Unknown | Display Post Metadata | 中危 | - | 2021-12-13 10:41:08 | Deep Dive |
| CVE-2021-24819 | Page/Post Content Shortcode <= 1.0 - Contributor+ Arbitrary Posts/Pages Access | Unknown | Page/Post Content Shortcode | 中危 | - | 2021-12-13 10:41:02 | Deep Dive |
| CVE-2021-24780 | Single Post Exporter <= 1.1.1 - Plugin's Settings Update via CSRF | Unknown | Single Post Exporter | 中危 | - | 2021-12-13 10:40:50 | Deep Dive |
| CVE-2021-24918 | Smash Balloon Social Post Feed < 4.0.1 - Subscriber+ Arbitrary Plugin Settings Update to Stored XSS | Unknown | Smash Balloon Social Post Feed | 中危 | - | 2021-11-29 08:25:51 | Deep Dive |
| CVE-2021-43408 | Duplicate Post WordPress Plugin SQL Injection Vulnerability | Copy Delete Posts | Duplicate Post WordPress Plugin | Medium | 6.5 | 2021-11-19 15:41:33 | Deep Dive |
| CVE-2021-24783 | Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule Deletion | Unknown | Post Expirator: Automatically Unpublish WordPress Posts | 中危 | - | 2021-11-08 17:35:19 | Deep Dive |
| CVE-2021-24629 | Post Content XMLRPC <= 1.0 - Admin+ SQL Injections | Unknown | Post Content XMLRPC | 高危 | - | 2021-11-08 17:34:52 | Deep Dive |