Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 44

Clear Filters
Found 2552 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-28168 WordPress WordPress Console plugin <= 0.3.9 - Broken Access Control vulnerability sant0sk1WordPress Console Low 3.7 2024-12-09 11:31:20 Deep Dive
CVE-2023-48332 WordPress Mail Bank – #1 Mail SMTP Plugin for WordPress plugin <= 4.0.14 - Broken Access Control vulnerability Varun SharmaMail Bank - #1 Mail SMTP Plugin for WordPress 中危 -2024-12-09 11:30:28 Deep Dive
CVE-2024-11010 FileOrganizer <= 1.1.4 - Authenticated (Administrator+) Local JavaScript File Inclusion softaculousFileOrganizer – WordPress File Manager High 7.2 2024-12-07 09:27:06 Deep Dive
CVE-2024-54207 WordPress WordPress Auction Plugin plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability WP MarkaWordPress Auction Plugin Medium 5.9 2024-12-06 13:07:30 Deep Dive
CVE-2024-51615 WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability WP MarkaWordPress Auction Plugin Critical 9.3 2024-12-06 13:07:23 Deep Dive
CVE-2024-9872 Online Booking & Scheduling Calendar for WordPress by vcita <= 4.5.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 5.4 2024-12-06 08:24:55 Deep Dive
CVE-2024-11336 Clickbank WordPress Plugin (Storefront) <= 1.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting dactumClickbank WordPress Plugin (Storefront) Medium 6.1 2024-12-06 08:24:53 Deep Dive
CVE-2024-11854 Listdom – Business Directory and Classified Ads Listings WordPress Plugin <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode Parameter webiliaListdom: AI-powered Business Directory with Classifieds Ads Listings Medium 6.4 2024-12-04 11:08:26 Deep Dive
CVE-2024-5020 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library extendthemesColibri Page Builder Medium 6.4 2024-12-04 08:22:47 Deep Dive
CVE-2024-12099 Dollie Hub – Build Your Own WordPress Cloud Platform <= 6.2.0 - Authenticated (Contributor+) Post Disclosure getdollieDollie AI – Connect Medium 4.3 2024-12-04 03:37:41 Deep Dive
CVE-2024-11453 WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout <= 1.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting samdaniGS Pinterest Portfolio – Pins Grid, Masonry, User Profile, Popup & Board Widgets Medium 6.4 2024-12-03 07:34:54 Deep Dive
CVE-2024-10484 Spectra – WordPress Gutenberg Blocks <= 2.16.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Widget brainstormforceSpectra Gutenberg Blocks – Website Builder for the Block Editor Medium 6.4 2024-12-03 05:33:26 Deep Dive
CVE-2024-53788 WordPress WordPress Portfolio Builder – Portfolio Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability portfoliohubWordPress Portfolio Builder – Portfolio Gallery Medium 5.9 2024-11-30 21:05:24 Deep Dive
CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution marketingfireWidget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets Critical 9.9 2024-11-28 09:47:12 Deep Dive
CVE-2024-11925 WP JobSearch <= 2.6.7 - Authentication Bypass to Account Takeover and Privilege Escalation eyecixJobSearch WP Job Board Critical 9.8 2024-11-28 07:14:08 Deep Dive
CVE-2024-10521 WordPress Contact Forms by Cimatti <= 1.9.2 - Cross-Site Request Forgery via process_bulk_action Function cimattiContact Forms by Cimatti Medium 4.3 2024-11-27 11:03:34 Deep Dive
CVE-2024-9461 Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings boldgridTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid High 7.2 2024-11-26 13:56:54 Deep Dive
CVE-2024-11091 Support SVG – Upload svg files in wordpress without hassle <= 1.1.0 - Authenticated (Author+) Stored Cross-site Scripting via SVG File Upload sayedulsayemSupport SVG – Upload svg files in wordpress without hassle Medium 6.4 2024-11-26 08:31:55 Deep Dive
CVE-2024-11192 Spotify Play Button for WordPress <= 2.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via spotifyplaybutton Shortcode jonkastonkaSp*tify Play Button for WordPress Medium 6.4 2024-11-26 08:31:54 Deep Dive
CVE-2024-11202 Multiple Plugins <= (Various Versions) - Reflected Cross-Site Scripting via cminds_free_guide Shortcode creativemindssolutionsCM Header and Footer – Add custom scripts and styles to your header and footer with ease Medium 6.1 2024-11-26 07:31:32 Deep Dive