| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2016-15041 | MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance Plugin <= 3.1.2 - Stored Cross-Site Scripting | mainwp | MainWP Dashboard: Self-hosted WordPress Management for Agencies | High | 7.2 | 2024-10-16 06:43:40 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9232 | Download Plugins and Themes in ZIP from Dashboard <= 1.9.1 - Reflected Cross-Site Scripting | wpcodefactory | Download Plugins and Themes in ZIP from Dashboard | Medium | 6.1 | 2024-10-11 06:50:20 | Deep Dive |
| CVE-2024-47817 | Unvalidated paragraph widget values can be used for Cross-site Scripting in lara-zeus | lara-zeus | dynamic-dashboard | 中危 | - | 2024-10-07 21:22:18 | Deep Dive |
| CVE-2024-47656 | User Enumeration vulnerability | Shilpi Computers | Client Dashboard | 中危 | - | 2024-10-04 12:24:28 | Deep Dive |
| CVE-2024-47655 | Unrestricted File Upload Vulnerability | Shilpi Computers | Client Dashboard | 中危 | - | 2024-10-04 12:21:07 | Deep Dive |
| CVE-2024-47654 | No Rate Limiting vulnerability | Shilpi Computers | Client Dashboard | 中危 | - | 2024-10-04 12:18:18 | Deep Dive |
| CVE-2024-47653 | Missing Authorization Vulnerability | Shilpi Computers | Client Dashboard | 中危 | - | 2024-10-04 12:15:44 | Deep Dive |
| CVE-2024-47652 | Insecure Authentication Vulnerability | Shilpi Computers | Client Dashboard | 中危 | - | 2024-10-04 12:13:23 | Deep Dive |
| CVE-2024-47651 | Parameter Pollution Vulnerability | Shilpi Computers | Client Dashboard | 中危 | - | 2024-10-04 12:07:46 | Deep Dive |
| CVE-2024-20491 | Cisco Nexus Dashboard Insights Information Disclosure Vulnerability | Cisco | Cisco Nexus Dashboard Insights | Medium | 6.3 | 2024-10-02 16:55:26 | Deep Dive |
| CVE-2024-20490 | Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability | Cisco | Cisco Data Center Network Manager | Medium | 6.3 | 2024-10-02 16:55:16 | Deep Dive |
| CVE-2024-20442 | Cisco Nexus Dashboard Unauthorized API Endpoints Vulnerability | Cisco | Cisco Nexus Dashboard | Medium | 5.4 | 2024-10-02 16:53:41 | Deep Dive |
| CVE-2024-20385 | Cisco Nexus Dashboard Orchestrator SSL Certificate Validation Vulnerability | Cisco | Cisco Nexus Dashboard Orchestrator | Medium | 5.9 | 2024-10-02 16:52:56 | Deep Dive |
| CVE-2024-8268 | Frontend Dashboard <= 2.2.4 - Authenticated (Subscriber+) Arbitrary Function Call | vinoth06 | Frontend Dashboard | High | 8.8 | 2024-09-10 02:05:11 | Deep Dive |
| CVE-2024-43325 | WordPress Dark Mode for WP Dashboard plugin <= 1.2.3 - Cross Site Request Forgery vulnerability | Naiche | Dark Mode for WP Dashboard | Medium | 4.3 | 2024-08-26 20:35:49 | Deep Dive |
| CVE-2024-7501 | Download Plugins and Themes from Dashboard <= 1.8.7 - Cross-Site Request Forgery | wpcodefactory | Download Plugins and Themes in ZIP from Dashboard | Medium | 4.2 | 2024-08-16 06:41:00 | Deep Dive |
| CVE-2024-43226 | WordPress WP Dashboard Notes plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability | Jeroen Sormani | WP Dashboard Notes | Medium | 6.5 | 2024-08-12 21:12:51 | Deep Dive |
| CVE-2024-38725 | WordPress Admin Dashboard RSS Feed plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability | Webstix | Admin Dashboard RSS Feed | Medium | 5.9 | 2024-07-20 07:19:18 | Deep Dive |
| CVE-2024-1955 | Hide Dashboard Notifications <= 1.3 - Missing Authorization to Authenticated(Contributor+) Plugin Settings Modification | wprepublic | Hide Dashboard Notifications | Medium | 4.3 | 2024-06-21 02:05:43 | Deep Dive |