Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 645 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-10744 File Manager, Code editor, backup by Managefy <= 1.6.1 - Unauthenticated Information Exposure softdiscoverFile Manager, Code Editor, and Backup by Managefy Medium 5.9 2025-10-01 03:25:23 Deep Dive
CVE-2025-8624 Nexa Blocks <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Google Maps Widget wpdiveNexa Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE Medium 6.4 2025-09-30 03:35:29 Deep Dive
CVE-2025-60102 WordPress WPFront User Role Editor Plugin <= 4.2.3 - Cross Site Scripting (XSS) Vulnerability Syam MohanWPFront User Role Editor Medium 6.5 2025-09-26 08:31:23 Deep Dive
CVE-2025-10949 Changsha Developer Technology iView Editor Markdown cross site scripting Changsha Developer TechnologyiView Editor Low 2.4 2025-09-25 14:32:06 Deep Dive
CVE-2025-57909 WordPress Editor Custom Color Palette plugin <= 3.5.6 - Broken Access Control vulnerability Rouergue CréationEditor Custom Color Palette Medium 6.5 2025-09-22 18:25:21 Deep Dive
CVE-2025-58232 WordPress Image Editor by Pixo Plugin <= 2.3.8 - Cross Site Scripting (XSS) Vulnerability IckataImage Editor by Pixo Medium 6.5 2025-09-22 18:23:41 Deep Dive
CVE-2025-9493 Admin Menu Editor <= 1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder Parameter whiteshadowAdmin Menu Editor Medium 6.4 2025-09-06 03:22:37 Deep Dive
CVE-2025-58799 WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability themelocationCustom WooCommerce Checkout Fields Editor Medium 4.3 2025-09-05 13:45:07 Deep Dive
CVE-2025-9378 Vayu Blocks <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Block Attributes themehunkVayu Blocks – Website Builder for the Block Editor Medium 6.4 2025-09-03 06:43:10 Deep Dive
CVE-2025-48310 WordPress Table Editor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability wptableeditorTable Editor Medium 4.3 2025-08-28 12:36:51 Deep Dive
CVE-2025-9345 File Manager, Code Editor, and Backup by Managefy <= 1.4.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Download softdiscoverFile Manager, Code Editor, and Backup by Managefy Medium 4.9 2025-08-28 03:42:46 Deep Dive
CVE-2025-8896 User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor <= 3.14.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting cozmoslabsUser Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor Medium 6.4 2025-08-16 06:39:22 Deep Dive
CVE-2025-7727 Gutenverse <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks jegstudioGutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem Medium 6.4 2025-08-06 06:38:40 Deep Dive
CVE-2025-27931 PDF-XChange Editor 缓冲区错误漏洞 PDF-XChange Co. LtdPDF-XChange Editor Medium 6.5 2025-08-05 14:49:26 Deep Dive
CVE-2025-47152 PDF-XChange Editor 缓冲区错误漏洞 PDF-XChange Co. LtdPDF-XChange Editor Medium 6.5 2025-08-05 14:49:26 Deep Dive
CVE-2025-7835 iThoughts Advanced Code Editor <= 1.2.10 - Cross-Site Request Forgery to Settings Update gerkiniThoughts Advanced Code Editor Medium 4.3 2025-07-24 09:22:22 Deep Dive
CVE-2025-4685 Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor <= 3.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets gutentorGutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor Medium 6.4 2025-07-21 07:23:24 Deep Dive
CVE-2012-10019 Front-end Editor < 2.3 - Arbitrary File Upload scribuFront-end Editor Critical 9.8 2025-07-19 09:23:53 Deep Dive
CVE-2025-6726 Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update krasenslavovBlock Editor Gallery Slider for WordPress – Image Slider, Gallery Carousel & Lightbox Plugin Medium 4.3 2025-07-18 05:23:59 Deep Dive
CVE-2025-48345 WordPress Contact Form 7 Editor Button plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability arisoftContact Form 7 Editor Button High 7.1 2025-07-16 11:28:01 Deep Dive