Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2021-24673	Appointment Hour Booking < 1.3.16 - Authenticated Stored Cross-Site Scripting	Unknown	Appointment Hour Booking – WordPress Booking Plugin	中危	-	2021-10-04 11:20:18	Deep Dive
CVE-2021-36845	YITH Maintenance Mode (WordPress plugin) <= 1.3.8 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities	YITH	YITH Maintenance Mode (WordPress plugin)	Medium	6.9	2021-09-27 15:36:57	Deep Dive
CVE-2021-36841	YITH Maintenance Mode (WordPress plugin) <= 1.3.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability.	YITH	YITH Maintenance Mode (WordPress plugin)	Medium	6.9	2021-09-27 15:35:11	Deep Dive
CVE-2021-36875	WordPress uListing plugin <= 2.0.5 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability	Stylemix	Directory Listings WordPress plugin – uListing	Medium	5.9	2021-09-27 15:32:53	Deep Dive
CVE-2021-36880	WordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerability	StylemixThemes	uListing (WordPress plugin)	High	8.6	2021-09-27 15:32:47	Deep Dive
CVE-2021-36874	WordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerability	StylemixThemes	uListing (WordPress plugin)	High	7.1	2021-09-27 15:32:40	Deep Dive
CVE-2021-36877	WordPress uListing plugin <= 2.0.5 - Modify User Roles via Cross-Site Request Forgery (CSRF) vulnerability	StylemixThemes	uListing (WordPress plugin)	Medium	4.3	2021-09-27 15:32:30	Deep Dive
CVE-2021-36876	WordPress uListing plugin <= 2.0.5 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities	StylemixThemes	uListing (WordPress plugin)	Medium	5.4	2021-09-27 15:32:23	Deep Dive
CVE-2021-36879	WordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerability	StylemixThemes	uListing (WordPress plugin)	Critical	9.8	2021-09-27 15:32:15	Deep Dive
CVE-2021-36878	WordPress uListing plugin <= 2.0.5 - Settings Update via Cross-Site Request Forgery (CSRF) vulnerability	StylemixThemes	uListing (WordPress plugin)	Medium	4.3	2021-09-27 14:13:00	Deep Dive
CVE-2021-36823	WordPress Absolutely Glamorous Custom Admin plugin <= 6.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability	Cusmin	AGCA - Absolutely Glamorous Custom Admin (WordPress plugin)	Medium	6.6	2021-09-23 15:11:04	Deep Dive
CVE-2021-24636	Print My Blog < 3.4.2 - Plugin Deactivation via CSRF	Unknown	Print My Blog – Print, PDF, & eBook Converter WordPress Plugin	高危	-	2021-09-20 10:06:40	Deep Dive
CVE-2021-24525	Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS	Unknown	WordPress Shortcodes Plugin — Shortcodes Ultimate	中危	-	2021-09-20 10:06:15	Deep Dive
CVE-2021-24396	GSEOR <= 1.3 - Authenticated SQL Injection	Unknown	GSEOR – WordPress SEO Plugin	高危	-	2021-09-20 10:05:58	Deep Dive
CVE-2021-24620	Simple eCommerce <= 2.2.5 - Arbitrary File Upload	Unknown	WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal	高危	-	2021-09-13 17:56:33	Deep Dive
CVE-2021-38359	WordPress InviteBox Plugin <= 1.4.1 Reflected Cross-Site Scripting	WordPress InviteBox Plugin	WordPress InviteBox Plugin	Medium	6.1	2021-09-10 13:34:47	Deep Dive
CVE-2021-36870	WordPress WP Google Maps plugin <= 8.1.12 - Multiple Authenticated Persistent XSS vulnerabilities	Code Cabin Inc	WP Google Maps (WordPress plugin)	Medium	5.5	2021-09-09 11:18:21	Deep Dive
CVE-2021-24528	FluentSMTP < 2.0.1 - Authenticated Stored XSS	Unknown	FluentSMTP – WordPress Mail SMTP, SES, SendGrid, Mailgun and Any SMTP Plugin	中危	-	2021-08-30 14:11:20	Deep Dive
CVE-2021-24562	LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR	Unknown	LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress	高危	-	2021-08-23 11:10:14	Deep Dive
CVE-2021-24502	WP Google Map < 1.7.7 - Authenticated Stored Cross-Site Scripting (XSS)	Unknown	Maps Plugin using Google Maps for WordPress – WP Google Map	中危	-	2021-08-09 10:04:10	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List