| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-48317 | WordPress Display Custom Post Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) | Vikas Vatsa | Display Custom Post | Medium | 6.5 | 2023-11-30 16:34:38 | Deep Dive |
| CVE-2023-46781 | WordPress Current Menu Item for Custom Post Types Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) | Roland Murg | Current Menu Item for Custom Post Types | 中危 | - | 2023-11-06 11:19:15 | Deep Dive |
| CVE-2023-32116 | WordPress Custom post types Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) | TotalPress.org | Custom post types, Custom Fields & more | Medium | 5.9 | 2023-10-26 12:15:28 | Deep Dive |
| CVE-2023-41851 | WordPress WP Custom Post Template Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF) | Dotsquares | WP Custom Post Template | Medium | 4.3 | 2023-10-10 08:29:52 | Deep Dive |
| CVE-2023-44238 | WordPress Remove slug from custom post type Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF) | Joakim Ling | Remove slug from custom post type | Medium | 4.3 | 2023-10-09 09:57:11 | Deep Dive |
| CVE-2023-4792 | Duplicate Post Page Menu & Custom Post Type <= 2.3.1 - Missing Authorization to Post Duplication | inqsys | Duplicate Post Page Menu & Custom Post Type | Medium | 4.3 | 2023-09-07 01:52:17 | Deep Dive |
| CVE-2023-33329 | WordPress Custom Post Type Generator Plugin <= 2.4.2 is vulnerable to Cross Site Scripting (XSS) | Hijiri | Custom Post Type Generator | Medium | 5.9 | 2023-07-18 17:15:07 | Deep Dive |
| CVE-2023-1016 | Intuitive Custom Post Order <= 3.1.4.1 - Authenticated (Admin+) SQL Injection | hijiri | Intuitive Custom Post Order | Medium | 6.6 | 2023-06-09 05:33:36 | Deep Dive |
| CVE-2023-0542 | Custom Post Type List Shortcode <= 1.4.4 - Contributor+ Stored XSS | Unknown | Custom Post Type List Shortcode | 中危 | - | 2023-05-08 13:58:12 | Deep Dive |
| CVE-2023-1623 | Custom Post Type UI < 1.13.5 - Debug Info Sending via CSRF | Unknown | Custom Post Type UI | 中危 | - | 2023-04-24 18:31:01 | Deep Dive |
| CVE-2023-0420 | Custom Post Type and Taxonomy GUI Manager <= 1.1 - Stored XSS via CSRF | Unknown | Custom Post Type and Taxonomy GUI Manager | 中危 | - | 2023-04-24 18:30:49 | Deep Dive |
| CVE-2022-4386 | Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRF | Unknown | Intuitive Custom Post Order | 中危 | - | 2023-02-21 08:51:03 | Deep Dive |
| CVE-2022-4385 | Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update | Unknown | Intuitive Custom Post Order | 中危 | - | 2023-02-21 08:50:41 | Deep Dive |
| CVE-2022-4442 | WCK < 2.3.3 - Admin+ Stored XSS | Unknown | Custom Post Types and Custom Fields creator | 中危 | - | 2023-01-16 15:37:54 | Deep Dive |
| CVE-2021-24867 | Backdoored Plugins & Themes from AccessPress Themes | AccessPress Themes | Frontend Post WordPress Plugin – AccessPress Anonymous Post | 超危 | - | 2022-02-21 10:45:39 | Deep Dive |
| CVE-2021-24605 | Custom Post View Generator <= 0.4.6 - Reflected Cross-Site Scripting | Unknown | Custom Post View Generator | 中危 | - | 2021-09-13 17:56:28 | Deep Dive |
| CVE-2021-34654 | Custom Post Type Relations <= 1.0 Reflected Cross-Site Scripting | Custom Post Type Relations | Custom Post Type Relations | Medium | 6.1 | 2021-08-16 18:22:29 | Deep Dive |