| CVE-2025-26655 | Missing Authorization check in SAP JIT(Outbound) | SAP_SE | SAP Just In Time | Low | 3.1 | 2025-03-11 00:35:06 | Deep Dive |
| CVE-2024-10152 | Simple Certain Time to Show Content < 1.3.1 - Reflected XSS | Unknown | Simple Certain Time to Show Content | 高危 | - | 2025-02-26 06:00:03 | Deep Dive |
| CVE-2024-13609 | 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Unauthenticated Sensitive Information Exposure via Database Backup in class-ocm-backup.php | 1clickmigration | 1 Click Migration & Backup: Free WordPress Migration Plugin with Zero Downtime & Easy Clone | Medium | 5.9 | 2025-02-18 04:21:21 | Deep Dive |
| CVE-2024-13555 | 1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process Cancellation | 1clickmigration | 1 Click Migration & Backup: Free WordPress Migration Plugin with Zero Downtime & Easy Clone | Medium | 5.3 | 2025-02-18 04:21:19 | Deep Dive |
| CVE-2024-13540 | WooODT Lite – Delivery & pickup date time location for WooCommerce <= 2.5.1 - Unauthenticated Full Path Dsiclosure | mdalabar | WooODT Lite – Delivery & pickup date time location for WooCommerce | Medium | 5.3 | 2025-02-18 04:21:15 | Deep Dive |
| CVE-2024-13841 | Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time <= 1.0.0 - Authenticated (Contributor+) Post Disclosure | daveshine | Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time | Medium | 4.3 | 2025-02-07 06:59:58 | Deep Dive |
| CVE-2025-24718 | WordPress WP Sessions Time Monitoring Full Automatic Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability | activity-log.com | WP Sessions Time Monitoring Full Automatic | High | 7.1 | 2025-01-31 08:24:42 | Deep Dive |
| CVE-2025-24675 | WordPress WP Visitor Statistics (Real Time Traffic) plugin <= 7.2 - Cross Site Scripting (XSS) vulnerability | osama.esh | WP Visitor Statistics (Real Time Traffic) | Medium | 6.5 | 2025-01-24 17:24:51 | Deep Dive |
| CVE-2024-12515 | Muslim Prayer Time-Salah/Iqamah <= 1.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripting | masjidal | Muslim Prayer Time-Salah/Iqamah | Medium | 6.4 | 2025-01-09 11:11:03 | Deep Dive |
| CVE-2025-22304 | WordPress WP Visitor Statistics plugin <= 7.5 - Broken Access Control vulnerability | osama.esh | WP Visitor Statistics (Real Time Traffic) | Medium | 4.3 | 2025-01-07 10:48:59 | Deep Dive |
| CVE-2023-47557 | WordPress Visitor Traffic Real Time Statistics plugin <= 7.2 - Broken Access Control vulnerability | wp-buy | Visitors Traffic Real Time Statistics | 中危 | - | 2025-01-02 12:00:35 | Deep Dive |
| CVE-2024-55997 | WordPress Order Delivery & Pickup Location Date Time plugin <= 1.1.0 - Settings Change vulnerability | webchunky | Order Delivery & Pickup Location Date Time | Medium | 6.5 | 2024-12-18 11:38:29 | Deep Dive |
| CVE-2024-54441 | WordPress Utech World Time Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Meini | Utech World Time | Medium | 6.5 | 2024-12-16 14:14:17 | Deep Dive |
| CVE-2024-12526 | Arena.IM – Live Blogging for real-time events <= 0.4.1 - Cross-Site Request Forgery to Settings Update | arenaim | Arena.IM – Live Blogging for real-time events | Medium | 4.3 | 2024-12-12 04:23:16 | Deep Dive |
| CVE-2024-12463 | Arena.IM – Live Blogging for real-time events <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via arena_embed_amp Shortcode | arenaim | Arena.IM – Live Blogging for real-time events | Medium | 6.4 | 2024-12-12 04:23:13 | Deep Dive |
| CVE-2024-11384 | Arena.IM – Live Blogging for real-time events <= 0.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | arenaim | Arena.IM – Live Blogging for real-time events | Medium | 6.4 | 2024-12-12 04:23:12 | Deep Dive |
| CVE-2023-23895 | WordPress WP Time Slots Booking Form plugin <= 1.1.82 - Broken Access Control vulnerability | codepeople | WP Time Slots Booking Form | Medium | 4.7 | 2024-12-09 11:31:44 | Deep Dive |
| CVE-2024-11265 | Wp Maximum Upload File Size <= 1.1.3 - Authenticated (Author+) Full Path Disclosure | codepopular | EasyMedia – Increase Media Upload File Size | Role-Based Upload Limit | Increase Execution Time | Medium | 4.3 | 2024-11-23 05:40:12 | Deep Dive |
| CVE-2024-50534 | WordPress World Prayer Time plugin <= 2.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability | techdabang | World Prayer Time | High | 7.1 | 2024-11-19 16:32:32 | Deep Dive |
| CVE-2024-8856 | Backup and Staging by WP Time Capsule <= 1.22.21 - Unauthenticated Arbitrary File Upload | revmakx | Backup and Staging by WP Time Capsule | Critical | 9.8 | 2024-11-16 04:29:16 | Deep Dive |