Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 42

Clear Filters
Found 2552 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-12506 NACC WordPress Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting magblogapiNACC WordPress Plugin Medium 6.4 2024-12-20 06:59:11 Deep Dive
CVE-2024-11297 Page Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.6 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure cyberlord92Page and Post Restriction Medium 5.3 2024-12-20 06:59:07 Deep Dive
CVE-2024-12571 Store Locator <= 3.98.10 - Unauthenticated Local File Inclusion moalukoStore Locator for WordPress with Google Maps – LotsOfLocales Critical 9.8 2024-12-20 06:59:06 Deep Dive
CVE-2024-8968 MaxButtons < 9.8.1 - Admin+ Stored XSS via Text Color UnknownWordPress Button Plugin MaxButtons 中危 -2024-12-20 06:00:05 Deep Dive
CVE-2024-10555 MaxButtons < 9.8.1 - Admin+ Stored XSS via Button Width UnknownWordPress Button Plugin MaxButtons 中危 -2024-12-20 06:00:02 Deep Dive
CVE-2024-12626 AutomatorWP <= 5.0.9 - Reflected Cross-Site Scripting via a-0-o-search_field_value rubengcAutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress Critical 9.6 2024-12-19 11:14:15 Deep Dive
CVE-2024-11912 Traveler <= 3.1.6 - Unauthenticated SQL Injection via order_id ShineThemeTravel Booking WordPress Theme High 7.5 2024-12-18 11:09:32 Deep Dive
CVE-2024-11926 Traveler <= 3.1.6 - Missing Authorization in Several AJAX Actions ShineThemeTravel Booking WordPress Theme Medium 6.5 2024-12-18 11:09:31 Deep Dive
CVE-2024-12259 CRM WordPress Plugin – RepairBuddy <= 3.8120 - Missing Authorization to Account Takeover/Privilege Escalation sweetdaisy86RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress High 8.8 2024-12-18 03:22:06 Deep Dive
CVE-2024-12127 Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS <= 0.0.21 - Reflected Cross-Site Scripting via page Parameter mantrabrainLearning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS Medium 6.1 2024-12-17 09:22:42 Deep Dive
CVE-2024-12443 CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting crmperksCRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout Medium 6.4 2024-12-16 22:24:38 Deep Dive
CVE-2024-54384 WordPress Falcon – WordPress Optimizations & Tweaks plugin <= 2.8.3 - Broken Access Control vulnerability Anh TranFalcon – WordPress Optimizations & Tweaks Medium 4.3 2024-12-16 14:14:22 Deep Dive
CVE-2024-54356 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerability vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 5.4 2024-12-16 14:14:13 Deep Dive
CVE-2024-54391 WordPress WordPress Filter plugin <= 1.4.1 - CSRF to Stored XSS vulnerability mattwaltersWordPress Filter High 7.1 2024-12-16 14:14:06 Deep Dive
CVE-2024-55998 WordPress Popup Surveys & Polls for WordPress (Mare.io) plugin <= 1.36 - Settings Change vulnerability Eric SloanPopup Surveys & Polls for WordPress (Mare.io) Medium 5.4 2024-12-16 14:13:37 Deep Dive
CVE-2024-11888 IDer Login for WordPress <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting iderIDer Login for WordPress Medium 6.4 2024-12-14 04:23:48 Deep Dive
CVE-2024-11869 Buk for WordPress <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting uvstudioBuk for WordPress Medium 6.4 2024-12-14 04:23:48 Deep Dive
CVE-2024-11876 Kredeum NFTs, the easiest way to sell your NFTs directly on your WordPress site <= 1.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting yoannr35Kredeum NFTs, the easiest way to sell your NFTs directly on your WordPress site Medium 6.4 2024-12-14 04:23:42 Deep Dive
CVE-2024-12578 Tickera – WordPress Event Ticketing <= 3.5.4.8 - Unauthenticated Customer Data Exposure tickeraTickera – Sell Tickets & Manage Events Medium 5.3 2024-12-14 04:23:40 Deep Dive
CVE-2024-54326 WordPress GEO my WP plugin <= 4.5.0.4 - Broken Access Control vulnerability Eyal FitoussiGEO my WordPress Medium 6.5 2024-12-13 14:25:30 Deep Dive