| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6632 | Happy Addons for Elementor <= 3.9.1.1 - Reflected Cross-Site Scripting | weDevs | Happy Addons for Elementor Pro | Medium | 6.1 | 2024-01-11 08:32:27 | Deep Dive |
| CVE-2024-21747 | WordPress WP ERP Plugin <= 1.12.8 is vulnerable to SQL Injection | weDevs | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting | High | 7.6 | 2024-01-08 16:48:10 | Deep Dive |
| CVE-2023-26525 | WordPress Dokan Plugin <= 3.7.12 is vulnerable to SQL Injection | weDevs | Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | High | 7.1 | 2023-12-20 17:27:23 | Deep Dive |
| CVE-2023-34382 | WordPress Dokan Plugin <= 3.7.19 is vulnerable to PHP Object Injection | weDevs | Dokan – Best WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | Medium | 4.4 | 2023-12-19 19:40:58 | Deep Dive |
| CVE-2023-49860 | WordPress WP Project Manager Plugin <= 2.6.7 is vulnerable to Cross Site Scripting (XSS) | weDevs | WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts | Medium | 6.5 | 2023-12-14 16:18:46 | Deep Dive |
| CVE-2023-34383 | WordPress WP Project Manager Plugin <= 2.6.0 is vulnerable to SQL Injection | weDevs | WP Project Manager | 超危 | - | 2023-11-03 11:11:52 | Deep Dive |
| CVE-2023-3636 | WP Project Manager <= 2.6.4 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | High | 8.8 | 2023-08-31 05:33:09 | Deep Dive |
| CVE-2023-34008 | WordPress WP ERP Plugin <= 1.12.3 is vulnerable to Cross Site Scripting (XSS) | weDevs | WP ERP | High | 7.1 | 2023-08-30 14:50:26 | Deep Dive |
| CVE-2023-28989 | WordPress Happy Addons for Elementor Plugin <= 3.8.2 is vulnerable to Cross Site Request Forgery (CSRF) | weDevs | Happy Addons for Elementor | Medium | 4.3 | 2023-07-10 12:51:08 | Deep Dive |
| CVE-2020-36748 | Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass | dokaninc | Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy | Medium | 4.3 | 2023-07-01 05:33:29 | Deep Dive |
| CVE-2020-36745 | WP Project Manager <= 2.4.0 - Cross-Site Request Forgery Bypass | wedevs | Project Manager – AI Powered Project Management, Task Management, Kanban Board & Time Tracker | Medium | 4.3 | 2023-07-01 04:26:52 | Deep Dive |
| CVE-2020-36735 | WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.6.3 - Cross-Site Request Forgery Bypass | wedevs | ERP: Complete HR, Accounting & CRM Suite with WooCommerce CRM Support | Medium | 4.3 | 2023-07-01 02:54:24 | Deep Dive |
| CVE-2023-3407 | Subscribe2 <= 10.40 - Cross-Site Request Forgery | wedevs | Subscribe2 – Form, Email Subscribers & Newsletters | Medium | 4.3 | 2023-06-28 02:34:23 | Deep Dive |
| CVE-2023-1844 | Subscribe2 <= 10.40 - Missing Authorization | wedevs | Subscribe2 – Form, Email Subscribers & Newsletters | Medium | 4.3 | 2023-06-28 02:34:23 | Deep Dive |
| CVE-2021-36826 | WordPress WP Project Manager plugin <= 2.4.13 - Stored Cross-Site Scripting (XSS) vulnerability | weDevs | WP Project Manager (WordPress plugin) | Medium | 5.4 | 2022-04-04 19:46:20 | Deep Dive |
| CVE-2021-24292 | Happy Addons for Elementor Free < 2.24.0 and Pro < 1.17.0 - Contributor+ Stored XSS | weDevs | Happy Addons for Elementor | 中危 | - | 2021-05-17 16:48:53 | Deep Dive |