| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-10215 | WPBookit <= 1.6.4 - Unauthenticated Arbitrary User Password Change | Iqonic Design | WPBookit | Critical | 9.8 | 2025-01-09 19:21:57 | Deep Dive |
| CVE-2024-12419 | Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler <= 1.7.1 - Unauthenticated Arbitrary Shortcode Execution and Reflected Cross-Site Scripting | tobias_conrad | WOW Styler for CF7 – Visual Styler for Contact Form 7 Forms | Medium | 6.5 | 2025-01-07 03:21:56 | Deep Dive |
| CVE-2024-54280 | WordPress WPBookit plugin <= 1.6.0 - SQL Injection vulnerability | Iqonic Design | WPBookit | Critical | 9.3 | 2024-12-16 15:43:33 | Deep Dive |
| CVE-2024-54288 | WordPress LDD Directory Lite plugin <= 3.3 - Reflected Cross Site Scripting (XSS) vulnerability | LDD Web Design | LDD Directory Lite | High | 7.1 | 2024-12-13 14:25:05 | Deep Dive |
| CVE-2024-12564 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ODA CDE inWEB SDK before 2025.3 | Open Design Alliance | CDE inWEB SDK | 中危 | - | 2024-12-12 07:41:53 | Deep Dive |
| CVE-2024-8894 | Out-of-bounds Write vulnerability in ODA SDK versions < 2025.10 | Open Design Alliance | ODA Drawings SDK - All Versions < 2025.10 | 中危 | - | 2024-12-04 11:40:22 | Deep Dive |
| CVE-2024-41779 | IBM Engineering Systems Design Rhapsody - Model Manager | IBM | Engineering Systems Design Rhapsody - Model Manager | Critical | 9.8 | 2024-11-22 12:02:49 | Deep Dive |
| CVE-2024-7882 | SQLi in Special Minds' e-Commerce | Special Minds Design and Software | e-Commerce | Medium | 6.5 | 2024-11-22 08:49:34 | Deep Dive |
| CVE-2024-49689 | WordPress HD Quiz – Save Results Light plugin <= 0.5 - Broken Access Control vulnerability | Harmonic Design | HD Quiz – Save Results Light | Medium | 5.4 | 2024-11-19 16:30:40 | Deep Dive |
| CVE-2024-51788 | WordPress The Novel Design Store Directory plugin <= 4.3.0 - Arbitrary File Upload vulnerability | Joshua Wolfe | The Novel Design Store Directory | Critical | 10.0 | 2024-11-11 05:59:26 | Deep Dive |
| CVE-2024-7995 | Autodesk VRED Design Privilege Escalation Vulnerability | Autodesk | VRED Design | High | 7.8 | 2024-11-05 20:06:44 | Deep Dive |
| CVE-2024-37232 | WordPress Hercules Core plugin <= 6.5 - Subscriber+ Arbitrary Settings Change/Access vulnerability | Hercules Design | Hercules Core | High | 8.8 | 2024-11-01 14:18:30 | Deep Dive |
| CVE-2024-43343 | WordPress Order Tracking – WordPress Status Tracking Plugin plugin < 3.3.13 - Broken Access Control vulnerability | Etoile Web Design | Order Tracking | Medium | 4.3 | 2024-11-01 14:17:23 | Deep Dive |
| CVE-2024-50508 | WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Download vulnerability | Chetan Khandla | Woocommerce Product Design | High | 7.5 | 2024-10-30 07:56:47 | Deep Dive |
| CVE-2024-50509 | WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Deletion vulnerability | Chetan Khandla | Woocommerce Product Design | High | 8.6 | 2024-10-30 07:41:05 | Deep Dive |
| CVE-2024-50482 | WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Upload vulnerability | Chetan Khandla | Woocommerce Product Design | Critical | 10.0 | 2024-10-29 07:57:37 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-3373 | SQLi in RSM Design's Website Template | RSM Design | Website Template | - | - | 2024-09-27 14:14:16 | Deep Dive |
| CVE-2024-9024 | Material Design Icons <= 0.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via mdi-icon Shortcode | braginteractive | Material Design Icons | Medium | 6.4 | 2024-09-25 02:05:20 | Deep Dive |
| CVE-2024-22184 | Intel Quartus Prime Pro 安全漏洞 | - | Intel(R) Quartus(R) Prime Pro Edition Design Software | Medium | 6.7 | 2024-08-14 13:45:18 | Deep Dive |