Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 1149 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2022-29410 WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Authenticated SQL Injection (SQLi) vulnerability MufengHermit 音乐播放器 (WordPress plugin) High 7.4 2022-04-28 16:14:10 Deep Dive
CVE-2022-29415 WordPress Ravpage plugin <= 2.16 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability Mati Skiba @ Rav MesserRavpage (WordPress plugin) Medium 6.1 2022-04-28 15:34:37 Deep Dive
CVE-2022-27860 WordPress Footer Text plugin <= 2.0.3 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability Shea BungeFooter Text (WordPress plugin) Medium 6.1 2022-04-28 15:32:14 Deep Dive
CVE-2022-27854 WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Alexander UstimenkoPsychological tests & quizzes (WordPress plugin) Medium 5.4 2022-04-26 18:36:08 Deep Dive
CVE-2021-36895 WordPress Tripetto plugin <= 5.1.4 - Unauthenticated Cross-Site Scripting (XSS) vulnerability via SVG image upload TripettoTripetto (WordPress plugin) Medium 4.7 2022-04-26 18:13:03 Deep Dive
CVE-2021-36867 WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Alexander UstimenkoPsychological tests & quizzes (WordPress plugin) Medium 5.4 2022-04-26 18:03:12 Deep Dive
CVE-2022-29419 WordPress 3xSocializer plugin <= 0.98.22 - Authenticated SQL Injection (SQLi) vulnerability Don Crowther3xSocializer (WordPress plugin) Medium 6.0 2022-04-25 16:55:13 Deep Dive
CVE-2022-29418 WordPress Night Mode plugin <= 1.0.0 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability Mark DanielsNight Mode (WordPress plugin) Medium 4.8 2022-04-25 16:53:21 Deep Dive
CVE-2022-29417 WordPress ShortPixel Adaptive Images plugin <= 3.3.1 - Subscriber+ Plugin Settings Update vulnerability ShortPixelShortPixel Adaptive Images (WordPress plugin) Medium 4.3 2022-04-25 16:42:13 Deep Dive
CVE-2022-28290 WordPress plugin Country Selector 跨站脚本漏洞 -WordPress Country Selector Plugin 中危 -2022-04-25 16:31:01 Deep Dive
CVE-2022-0657 5 Stars Rating Funnel < 1.2.53 - Unauthenticated SQLi Unknown5 Stars Rating Funnel WordPress Plugin | RRatingg 超危 -2022-04-25 15:51:04 Deep Dive
CVE-2022-0993 SiteGround Security <= 1.2.5 - Authorization Weakness to Authentication Bypass sitegroundSecurity Optimizer – The All-In-One Protection Plugin High 8.1 2022-04-19 20:26:36 Deep Dive
CVE-2022-0992 SiteGround Security <= 1.2.5 - Authentication Bypass via 2FA Setup sitegroundSecurity Optimizer – The All-In-One Protection Plugin Critical 9.8 2022-04-19 20:26:33 Deep Dive
CVE-2022-27863 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 - Sensitive Data Exposure vulnerability E4J s.r.l.VikBooking Hotel Booking Engine & PMS (WordPress plugin) Medium 5.3 2022-04-19 20:26:27 Deep Dive
CVE-2022-27862 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 - Arbitrary File Upload leading to RCE E4J s.r.l.VikBooking Hotel Booking Engine & PMS (WordPress plugin) Critical 9.8 2022-04-19 20:26:26 Deep Dive
CVE-2022-27853 WordPress Contest Gallery plugin <= 13.1.0.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Contest GalleryContest Gallery (WordPress plugin) Medium 4.8 2022-04-18 16:20:34 Deep Dive
CVE-2022-23975 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary Plugin Activation AccessPress ThemesAccess Demo Importer (WordPress plugin) Medium 6.5 2022-04-18 16:20:31 Deep Dive
CVE-2022-23976 WordPress Access Demo Importer plugin <= 1.0.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Data Reset (Posts / Pages / Media) AccessPress ThemesAccess Demo Importer (WordPress plugin) High 8.1 2022-04-18 16:20:30 Deep Dive
CVE-2022-27850 WordPress Simple Ajax Chat plugin <= 20220115 - Multiple Cross-Site Request Forgery (CSRF) vulnerability Jeff StarrSimple Ajax Chat (WordPress plugin) Medium 5.4 2022-04-15 16:24:46 Deep Dive
CVE-2022-27851 WordPress Use Any Font plugin <= 6.1.7 - Cross-Site Request Forgery (CSRF) vulnerability DnesscarkeyUse Any Font | Custom Font Uploader (WordPress plugin) Medium 5.4 2022-04-15 16:24:46 Deep Dive