| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-38392 | WordPress Custom Field Template Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS) | Hiroaki Miyashita | Custom Field Template | High | 7.1 | 2023-08-07 12:45:24 | Deep Dive |
| CVE-2023-37980 | WordPress Custom Field For WP Job Manager Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS) | Gravity Master | Custom Field For WP Job Manager | Medium | 5.9 | 2023-07-27 13:59:23 | Deep Dive |
| CVE-2023-3957 | ACF Photo Gallery Field <= 1.9 - Authenticated (Subscriber+) Arbitrary Usermeta Update | navzme | ACF Photo Gallery Field | Medium | 4.3 | 2023-07-27 06:54:16 | Deep Dive |
| CVE-2023-22695 | WordPress Custom Field Template Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF) | Hiroaki Miyashita | Custom Field Template | Medium | 4.3 | 2023-07-10 12:38:53 | Deep Dive |
| CVE-2020-36742 | Custom Field Template <= 2.5.1 - Cross-Site Request Forgery Bypass | hiroaki-miyashita | Custom Field Template | Medium | 4.3 | 2023-07-01 04:26:50 | Deep Dive |
| CVE-2023-32515 | WordPress Custom Field Suite Plugin <= 2.6.2.1 is vulnerable to Cross Site Scripting (XSS) | Matt Gibbs | Custom Field Suite | Medium | 5.9 | 2023-05-18 09:55:27 | Deep Dive |
| CVE-2022-4328 | WooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File Upload | Unknown | WooCommerce Checkout Field Manager | 超危 | - | 2023-03-06 13:34:04 | Deep Dive |
| CVE-2022-4306 | Panda Pods Repeater Field < 1.5.4 - Reflected XSS | Unknown | Panda Pods Repeater Field | 中危 | - | 2023-01-30 20:31:31 | Deep Dive |
| CVE-2023-21853 | Oracle E-Business Suite 安全漏洞 | Oracle Corporation | Mobile Field Service | High | 7.5 | 2023-01-17 23:35:14 | Deep Dive |
| CVE-2022-4324 | Custom Field Template < 2.5.8 - Admin+ PHP Object Injection | Unknown | Custom Field Template | 高危 | - | 2023-01-02 21:49:29 | Deep Dive |
| CVE-2022-3490 | Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection | Unknown | Checkout Field Editor (Checkout Manager) for WooCommerce | 高危 | - | 2022-11-28 13:47:16 | Deep Dive |
| CVE-2020-14496 | Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A) - Permission Issues | Mitsubishi Electric | CPU Module Logging Configuration Tool | High | 8.3 | 2022-05-19 17:24:43 | Deep Dive |
| CVE-2020-14521 | Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element | Mitsubishi Electric | C Controller Interface Module Utility | High | 8.3 | 2022-02-11 17:40:28 | Deep Dive |
| CVE-2021-24909 | ACF Photo Gallery Field < 1.7.5 - Reflected Cross-Site Scripting | Unknown | ACF Photo Gallery Field | 中危 | - | 2022-01-17 13:00:28 | Deep Dive |
| CVE-2021-24872 | Get Custom Field Values < 4.0 - Contributors+ Arbitrary Post Metadata Access | Unknown | Get Custom Field Values | 中危 | - | 2021-12-13 10:41:16 | Deep Dive |
| CVE-2021-24871 | Get Custom Field Values < 4.0.1 - Contributor+ Stored Cross-Site Scripting | Unknown | Get Custom Field Values | 中危 | - | 2021-12-13 10:41:15 | Deep Dive |
| CVE-2021-35570 | Oracle E-Business Suite 安全漏洞 | Oracle Corporation | Mobile Field Service | High | 8.1 | 2021-10-20 10:50:17 | Deep Dive |
| CVE-2021-2362 | Oracle E-Business Suite输入验证错误漏洞 | Oracle Corporation | Field Service | High | 8.1 | 2021-07-20 22:43:39 | Deep Dive |
| CVE-2021-31405 | Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 | Vaadin | Vaadin | High | 7.5 | 2021-04-23 16:05:41 | Deep Dive |
| CVE-2021-20588 | Mitsubishi Electric FA engineering software 缓冲区错误漏洞 | Mitsubishi Electric Corporation | CPU Module Logging Configuration Tool | High | 7.5 | 2021-02-19 19:58:29 | Deep Dive |