| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-38693 | WordPress WP User Frontend plugin <= 4.0.7 - SQL Injection vulnerability | weDevs | WP User Frontend | High | 7.6 | 2024-08-29 14:05:54 | Deep Dive |
| CVE-2024-6244 | pz-frontend-manager < 1.0.6 - CSRF change user profile picture | Unknown | PZ Frontend Manager | - | - | 2024-07-22 06:00:06 | Deep Dive |
| CVE-2024-39325 | aimeos/ai-controller-frontend doesn't reset payment status in basket | aimeos | ai-controller-frontend | Medium | 5.3 | 2024-07-02 20:36:58 | Deep Dive |
| CVE-2024-4957 | Frontend Checklist <= 2.3.2 - Admin+ Stored XSS | Unknown | Frontend Checklist | - | - | 2024-06-26 06:00:04 | Deep Dive |
| CVE-2024-4959 | Frontend Checklist <= 2.3.2 - Admin+ Stored XSS via Items | Unknown | Frontend Checklist | - | - | 2024-06-26 06:00:04 | Deep Dive |
| CVE-2024-5149 | BuddyForms <= 2.8.9 - Email Verification Bypass due to Insufficient Randomness | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | Medium | 6.5 | 2024-06-05 04:32:25 | Deep Dive |
| CVE-2024-4870 | Frontend Registration – Contact Form 7 <= 5.1 - Authenticated (Editor+) Privilege Escalation | pokornydavid | Frontend Registration – Contact Form 7 | High | 7.2 | 2024-06-04 02:00:55 | Deep Dive |
| CVE-2023-51483 | WordPress WP Frontend Profile plugin <= 1.3.1 - Unauthenticated Privilege Escalation vulnerability | Glowlogix | WP Frontend Profile | Critical | 9.8 | 2024-05-17 08:44:30 | Deep Dive |
| CVE-2023-47682 | WordPress WP User Frontend plugin <= 3.6.5 - Authenticated Privilege Escalation vulnerability | weDevs | WP User Frontend | High | 7.2 | 2024-05-17 08:36:13 | Deep Dive |
| CVE-2024-34706 | @valtimo/components exposes access token to form.io | valtimo-platform | valtimo-frontend-libraries | Critical | 9.8 | 2024-05-13 16:02:29 | Deep Dive |
| CVE-2024-3729 | Frontend Admin by DynamiApps <= 3.19.4 - Improper Missing Encryption Exception Handling to Form Manipulation | shabti | Frontend Admin by DynamiApps | Critical | 9.8 | 2024-05-02 16:52:28 | Deep Dive |
| CVE-2024-2967 | Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor <= 4.4.7 - Authenticated (Admin+) Stored Cross-Site Scripting | aharonyan | Guest posting / Frontend Posting / Front Editor – WP Front User Submit | Medium | 4.4 | 2024-05-02 16:52:19 | Deep Dive |
| CVE-2024-32726 | WordPress Frontend Dashboard plugin <= 2.2.2 - Sensitive Data Exposure on PII vulnerability | vinoth06. | Frontend Dashboard | High | 7.5 | 2024-04-24 07:59:43 | Deep Dive |
| CVE-2024-29775 | WordPress Frontend Dashboard plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability | vinoth06. | Frontend Dashboard | Medium | 6.5 | 2024-03-27 12:52:59 | Deep Dive |
| CVE-2024-29929 | WordPress WCFM plugin <= 6.7.8 - Cross Site Scripting (XSS) vulnerability | WC Lovers | WCFM – Frontend Manager for WooCommerce | Medium | 5.9 | 2024-03-27 10:04:45 | Deep Dive |
| CVE-2024-25903 | WordPress Frontend File Manager Plugin plugin <= 22.7 - Sensitive Data Exposure vulnerability | N-Media | Frontend File Manager | Medium | 5.3 | 2024-03-17 16:17:19 | Deep Dive |
| CVE-2024-1158 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | Medium | 4.3 | 2024-03-13 15:26:35 | Deep Dive |
| CVE-2024-1169 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Upload | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | High | 7.5 | 2024-03-07 11:01:58 | Deep Dive |
| CVE-2024-1170 | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Deletion | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | High | 8.2 | 2024-03-07 11:01:58 | Deep Dive |
| CVE-2024-0373 | Views for WPForms <= 3.2.2 - Cross-Site Request Forgery via save_view | aman086 | Views for WPForms – Display & Edit WPForms Entries on your site frontend | Medium | 4.3 | 2024-02-05 21:22:04 | Deep Dive |