Vulnerability List - Page 40

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2024-12605	AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update	opacewebdesign	Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic	Medium	4.3	2025-01-09 11:10:58	Deep Dive
CVE-2024-12206	Wordpress Header Builder Plugin <= 1.3.8 - Cross-Site Request Forgery to Header Deletion	stylemix	Pearl – Header Builder	Medium	4.3	2025-01-09 11:10:57	Deep Dive
CVE-2024-9939	WordPress File Upload <= 4.24.13 - Unauthenticated Path Traversal to Arbitrary File Read in wfu_file_downloader.php	nickboss	Iptanus File Upload	High	7.5	2025-01-08 08:18:17	Deep Dive
CVE-2024-11635	WordPress File Upload <= 4.24.12 - Unuathenticated Remote Code Execution	nickboss	Iptanus File Upload	Critical	9.8	2025-01-08 07:18:39	Deep Dive
CVE-2024-11613	WordPress File Upload <= 4.24.15 - Unauthenticated Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion	nickboss	Iptanus File Upload	Critical	9.8	2025-01-08 06:41:36	Deep Dive
CVE-2024-11270	WordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Creation	wpwebinarsystem	WebinarPress – Webinar System for WordPress	High	8.8	2025-01-08 04:18:00	Deep Dive
CVE-2024-11271	WordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Webinar Updates	wpwebinarsystem	WebinarPress – Webinar System for WordPress	High	8.8	2025-01-08 04:17:59	Deep Dive
CVE-2024-11916	The Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting	wpextended	The Ultimate WordPress Toolkit – WP Extended	High	7.4	2025-01-08 03:18:11	Deep Dive
CVE-2024-12112	Easy Form Builder <= 3.8.8 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting	hassantafreshi	Easy Form Builder by WhiteStudio — Drag & Drop Form Builder	Medium	6.4	2025-01-08 03:18:11	Deep Dive
CVE-2024-11816	The Ultimate WordPress Toolkit – WP Extended <= 3.0.11 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution	wpextended	The Ultimate WordPress Toolkit – WP Extended	High	8.8	2025-01-08 03:18:11	Deep Dive
CVE-2024-12713	SureForms – Drag and Drop Form Builder for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Protected Post Disclosure	brainstormforce	SureForms – Contact Form, Payment Form & Other Custom Form Builder	Medium	5.3	2025-01-08 03:18:10	Deep Dive
CVE-2025-22503	WordPress Admin debug wordpress – enable debug Plugin <= 1.0.13 - Cross Site Request Forgery vulnerability	digitalzoomstudio	Admin debug wordpress – enable debug	Medium	4.3	2025-01-07 14:57:38	Deep Dive
CVE-2024-11826	Quill Forms \| The Best Typeform Alternative \| Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting	mdmag	Quill Forms \| Conversational Multi Step Forms, Surveys & quizzes	Medium	6.4	2025-01-07 11:11:12	Deep Dive
CVE-2025-22349	WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability	WP Marka	WordPress Auction Plugin	High	7.6	2025-01-07 10:48:41	Deep Dive
CVE-2024-12719	WordPress File Upload <= 4.24.15 - Missing Authorization to Authenticated (Subscriber+) Limited Path Traversal	nickboss	Iptanus File Upload	Medium	4.3	2025-01-07 09:22:15	Deep Dive
CVE-2024-12781	Aurum - WordPress & WooCommerce Shopping Theme <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Demo Content Import	Laborator	Aurum - WordPress & WooCommerce Shopping Theme	Medium	4.3	2025-01-07 06:40:59	Deep Dive
CVE-2024-8857	WordPress Auction <= 3.7 - Editor+ Stored XSS	Unknown	WordPress Auction Plugin	中危	-	2025-01-07 06:00:06	Deep Dive
CVE-2024-8855	WordPress Auction <= 3.7 - Editor+ SQL Injection	Unknown	WordPress Auction Plugin	中危	-	2025-01-07 06:00:05	Deep Dive
CVE-2024-11382	Common Ninja: Fully Customizable & Perfectly Responsive Free Widgets for WordPress Websites <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting	commonninja	Common Ninja: Fully Customizable & Perfectly Responsive Free Widgets for WordPress Websites	Medium	6.4	2025-01-07 04:22:23	Deep Dive
CVE-2024-12419	Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler <= 1.7.1 - Unauthenticated Arbitrary Shortcode Execution and Reflected Cross-Site Scripting	tobias_conrad	WOW Styler for CF7 – Visual Styler for Contact Form 7 Forms	Medium	6.5	2025-01-07 03:21:56	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List - Page 40