| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-9593 | Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution | Scott Paterson | Time Clock Pro | High | 8.3 | 2024-10-18 17:32:31 | Deep Dive |
| CVE-2024-9383 | Parcel Pro <= 1.8.4 - Reflected Cross-Site Scripting | parcelpro | Parcel Pro | Medium | 6.1 | 2024-10-18 04:32:55 | Deep Dive |
| CVE-2024-49289 | WordPress Cooked Pro plugin < 1.8.0 - Cross Site Scripting (XSS) vulnerability | Gora Tech LLC | Cooked Pro | Medium | 6.5 | 2024-10-17 19:09:52 | Deep Dive |
| CVE-2024-49291 | WordPress Cooked Pro plugin < 1.8.0 - Unauthenticated Arbitrary File Upload vulnerability | Gora Tech LLC | Cooked Pro | Critical | 10.0 | 2024-10-17 17:20:41 | Deep Dive |
| CVE-2024-9893 | Nextend Social Login Pro <= 3.1.14 - Authentication Bypass via WordPress.com OAuth provider | nextendweb | Nextend Social Login Pro | Critical | 9.8 | 2024-10-16 13:56:39 | Deep Dive |
| CVE-2024-8507 | File Manager Pro <= 8.3.9 - Cross-Site Request Forgery to Arbitrary File Upload | File Manager | File Manager Pro | High | 8.8 | 2024-10-16 06:43:45 | Deep Dive |
| CVE-2020-36833 | Indeed Membership Pro 7.3 - 8.6 - Missing Authorization Checks | wpindeed | Indeed Membership Pro | Medium | 6.3 | 2024-10-16 06:43:41 | Deep Dive |
| CVE-2020-36832 | Indeed Membership Pro 7.3 - 8.6 - Authentication Bypass | wpindeed | Indeed Membership Pro | Critical | 9.8 | 2024-10-16 06:43:38 | Deep Dive |
| CVE-2024-8746 | File Manager Pro <= 8.3.9 - Unauthenticated Backup File Download and Upload | File Manager | File Manager Pro | High | 7.5 | 2024-10-16 06:43:35 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8918 | File Manager Pro <= 8.3.9 - Unauthenticated Limited JavaScript File Upload | File Manager | File Manager Pro | High | 7.4 | 2024-10-16 06:43:23 | Deep Dive |
| CVE-2024-9074 | Advanced Blocks Pro <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | essamamdani | Advanced Blocks Pro | Medium | 6.4 | 2024-10-10 02:06:14 | Deep Dive |
| CVE-2024-8488 | Survey Maker – Customer Satisfaction Questionnaire, Chat Survey, Calculation Form, Payment Forms <= 4.9.7 - Authenticated (Admin+) Stored Cross-Site Scripting | ays-pro | Survey Maker | Medium | 4.4 | 2024-10-08 11:04:23 | Deep Dive |
| CVE-2024-8884 | Schneider Electric System Monitor application information disclosure vulnerability | Schneider Electric | System Monitor application in Harmony Industrial PC HMIBMO/HMIBMI/HMIPSO/HMIBMP/HMIBMU/HMIPSP/HMIPEP series | Critical | 9.8 | 2024-10-08 10:32:25 | Deep Dive |
| CVE-2023-52952 | Siemens HiMed Cockpit security vulnerability | Siemens | HiMed Cockpit 12 pro | High | 8.5 | 2024-10-08 08:40:10 | Deep Dive |
| CVE-2024-7206 | Firmware extraction and Hardware SSL Pinning Bypass | eWeLink | Zigbee Bridge Pro | - | - | 2024-10-08 06:14:12 | Deep Dive |
| CVE-2024-47306 | WordPress Secure Copy Content Protection and Content Locking plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability | Ays Pro | Secure Copy Content Protection and Content Locking | High | 7.1 | 2024-10-06 11:33:10 | Deep Dive |
| CVE-2024-47347 | WordPress Chartify plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerability | Ays Pro | Chartify | High | 7.1 | 2024-10-06 10:29:32 | Deep Dive |
| CVE-2024-43814 | goTenna Pro ATAK Plugin Insertion of Sensitive Information Into Sent Data | goTenna | Pro ATAK Plugin | Medium | 4.3 | 2024-09-26 17:48:06 | Deep Dive |
| CVE-2024-41715 | goTenna Pro ATAK Plugin Observable Response Discrepancy | goTenna | Pro ATAK Plugin | Medium | 4.3 | 2024-09-26 17:46:05 | Deep Dive |