| CVE-2024-0615 | Content Control <= 2.1.0 - Missing Authorization to Sensitive Information Exposure | danieliser | Content Control – The Ultimate Content Restriction Plugin! Restrict Content, Create Conditional Blocks & More | Medium | 5.3 | 2024-05-02 16:52:28 | Deep Dive |
| CVE-2024-1677 | Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce <= 3.4.6 - Improper Authorization | ukrsolution | Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce | Medium | 6.3 | 2024-05-02 16:52:14 | Deep Dive |
| CVE-2024-2661 | Barcode Scanner with Inventory & Order Manager <= 1.5.4 - Authenticated (Subscriber+) SQL Injection | ukrsolution | Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) | High | 8.8 | 2024-05-02 16:52:00 | Deep Dive |
| CVE-2024-2457 | Modal Window – create popup modal window <= 5.3.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | wpcalc | Modal Window – create popup modal window | Medium | 6.4 | 2024-04-09 18:58:57 | Deep Dive |
| CVE-2024-2025 | BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages <= 3.4.20 - Authenticated (Subscriber+) PHP Object Injection in get_simple_request | themekraft | BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages | High | 8.8 | 2024-03-23 01:57:39 | Deep Dive |
| CVE-2024-1711 | Create by Mediavine <= 1.9.4 - Unauthenticated SQL Injection via 'id' | mischiefmarmot | Create | Critical | 9.8 | 2024-03-20 06:48:29 | Deep Dive |
| CVE-2024-1857 | Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates <= 2.6.6 - Missing Authorization to Unauthenticated Information Exposure | wpswings | Ultimate Gift Cards for WooCommerce | Medium | 5.3 | 2024-03-16 08:37:16 | Deep Dive |
| CVE-2024-1640 | Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form <= 2.10.1 - Unauthenticated Insecure Direct Object Reference to Form Submission Alteration | bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | Medium | 5.3 | 2024-03-13 15:26:47 | Deep Dive |
| CVE-2024-0903 | User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds <= 1.0.13 - Unauthenticated Stored Cross-Site Scripting | smub | UserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds | Medium | 5.4 | 2024-02-22 05:32:49 | Deep Dive |
| CVE-2023-51534 | WordPress Brave Popup Builder Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS) | Brave | Brave – Create Popup, Optins, Lead Generation, Survey, Sticky Elements & Interactive Content | Medium | 5.9 | 2024-02-01 10:31:21 | Deep Dive |
| CVE-2023-51423 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to SQL Injection | Saleswonder Team | Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition | Critical | 9.3 | 2023-12-31 17:52:40 | Deep Dive |
| CVE-2023-51422 | WordPress WebinarIgnition Plugin <= 3.05.0 is vulnerable to PHP Object Injection | Saleswonder Team | Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition | Critical | 9.9 | 2023-12-29 12:59:32 | Deep Dive |
| CVE-2023-50856 | WordPress Funnel Builder for WordPress by FunnelKit Plugin <= 2.14.3 is vulnerable to SQL Injection | FunnelKit | Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits | High | 7.6 | 2023-12-28 11:01:04 | Deep Dive |
| CVE-2023-49762 | WordPress AppMySite Plugin <= 3.11.0 is vulnerable to Sensitive Data Exposure | AppMySite | AppMySite – Create an app with the Best Mobile App Builder | Medium | 5.3 | 2023-12-21 13:09:02 | Deep Dive |
| CVE-2023-49296 | Arduino Create Agent vulnerable to Reflected Cross-Site Scripting | arduino | arduino-create-agent | Medium | 6.3 | 2023-12-13 19:54:35 | Deep Dive |
| CVE-2023-23796 | WordPress Form Builder Plugin <= 1.9.9.0 is vulnerable to CSV Injection | Muneeb | Form Builder | Create Responsive Contact Forms | 超危 | - | 2023-11-07 16:01:38 | Deep Dive |
| CVE-2023-46076 | WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.102 is vulnerable to Cross Site Scripting (XSS) | RedNao | WooCommerce PDF Invoice Builder, Create invoices, packing slips and more | High | 7.1 | 2023-10-26 12:05:36 | Deep Dive |
| CVE-2023-43800 | Insufficient Verification of Data Authenticity in Arduino Create Agent | arduino | arduino-create-agent | High | 7.3 | 2023-10-18 21:07:22 | Deep Dive |
| CVE-2023-43801 | Path traversal in Arduino Create Agent | arduino | arduino-create-agent | Medium | 6.1 | 2023-10-18 21:06:13 | Deep Dive |
| CVE-2023-43802 | Path traversal in Arduino Create Agent | arduino | arduino-create-agent | High | 7.1 | 2023-10-18 20:39:10 | Deep Dive |