Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 218 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-47499 WordPress Simple Blog Stats plugin <= 20250416 - Cross Site Scripting (XSS) Vulnerability Jeff StarrSimple Blog Stats Medium 6.5 2025-05-07 14:19:56 Deep Dive
CVE-2025-46517 WordPress Blog Manager WP plugin <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability wpdiscoverBlog Manager WP Medium 5.9 2025-04-24 16:09:15 Deep Dive
CVE-2025-46492 WordPress Call Now PHT Blog plugin <= 2.4.1 - CSRF to XSS vulnerability Pham ThanhCall Now PHT Blog High 7.1 2025-04-24 16:08:51 Deep Dive
CVE-2025-26934 WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability graphthemesGlossy Blog Medium 6.5 2025-04-15 21:53:13 Deep Dive
CVE-2025-3593 ZHENFENG13/code-projects My-Blog-layui authorImg upload unrestricted upload ZHENFENG13My-Blog-layui Medium 6.3 2025-04-14 22:31:05 Deep Dive
CVE-2025-3592 ZHENFENG13/code-projects My-Blog-layui edit cross site scripting ZHENFENG13My-Blog-layui Low 3.5 2025-04-14 22:00:11 Deep Dive
CVE-2025-3591 ZHENFENG13/code-projects My-Blog-layui edit cross site scripting ZHENFENG13My-Blog-layui Low 3.5 2025-04-14 22:00:09 Deep Dive
CVE-2025-32191 WordPress News Element Elementor Blog Magazine plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability webangonNews Element Elementor Blog Magazine Medium 6.5 2025-04-04 15:59:05 Deep Dive
CVE-2025-31082 WordPress News & Blog Designer Pack plugin <= 4.0 - Local File Inclusion vulnerability InfornWebNews & Blog Designer Pack High 8.1 2025-04-01 20:58:09 Deep Dive
CVE-2025-31766 WordPress PhotoShelter for Photographers Blog Feed plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability PhotoShelterPhotoShelter for Photographers Blog Feed Plugin Medium 6.5 2025-04-01 14:51:18 Deep Dive
CVE-2025-31740 WordPress News, Magazine and Blog Elements Plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability aThemeArtNews, Magazine and Blog Elements Medium 6.5 2025-04-01 14:51:06 Deep Dive
CVE-2025-31606 WordPress SP Blog Designer plugin <= 1.0.0 - Arbitrary Shortcode Execution vulnerability softpulseinfotechSP Blog Designer Medium 4.8 2025-03-31 12:55:37 Deep Dive
CVE-2025-31103 appleple a-blog cms 代码问题漏洞 appleple inc.a-blog cms (Ver.3.1.x series) 高危 -2025-03-31 04:54:04 Deep Dive
CVE-2025-22648 WordPress Blog, Posts and Category Filter for Elementor plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability Plugin DevsBlog, Posts and Category Filter for Elementor Medium 6.5 2025-03-27 15:06:30 Deep Dive
CVE-2024-13410 CozyStay <= 1.7.0 and TinySalt <= 3.9.0 - Unauthenticated PHP Object Injection in ajax_handler LoftOceanCozyStay - Hotel Booking WordPress Theme Critical 9.8 2025-03-19 06:57:41 Deep Dive
CVE-2025-2340 otale Tale Blog Site Settings save saveOptions cross site scripting otaleTale Blog Low 2.4 2025-03-16 13:31:05 Deep Dive
CVE-2025-2339 otale Tale Blog logs improper authentication otaleTale Blog Medium 5.3 2025-03-16 13:00:08 Deep Dive
CVE-2024-8682 JNews - WordPress Newspaper Magazine Blog AMP Theme <= 11.6.6 - Unauthorized User Registration https://themeforest.net/item/jnews-one-stop-solution-for-web-publishing/20566392JNews - WordPress Newspaper Magazine Blog AMP Theme Medium 5.3 2025-03-05 08:21:55 Deep Dive
CVE-2024-13656 Click Mag - Viral WordPress News Magazine/Blog Theme <= 3.6.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Deletion MVPThemesClick Mag - Viral WordPress News Magazine/Blog Theme High 8.1 2025-02-12 04:22:17 Deep Dive
CVE-2025-23887 WordPress Blog Summary plugin <= 0.1.2 β - Cross Site Scripting (XSS) vulnerability scottwallickBlog Summary Medium 6.5 2025-01-16 20:07:42 Deep Dive