Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 56

Clear Filters
Found 2563 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-6556 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.8 - Unauthenticated Full Path Disclosure wpmudevSmartCrawl SEO checker, analyzer & optimizer Medium 5.3 2024-07-10 08:32:17 Deep Dive
CVE-2024-37499 WordPress Online Booking & Scheduling Calendar for WordPress plugin <= 4.4.2 - Local File Inclusion vulnerability vCitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2024-07-09 11:55:34 Deep Dive
CVE-2024-37430 WordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerability patreonPatreon WordPress Medium 5.3 2024-07-09 10:36:20 Deep Dive
CVE-2024-6313 Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload nikolaystrikharGutenberg Forms – WordPress Form Builder Plugin Critical 9.8 2024-07-09 07:38:47 Deep Dive
CVE-2024-6099 LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Unauthenticated Bypass to User Registration thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-07-02 11:01:36 Deep Dive
CVE-2024-6088 LearnPress – WordPress LMS Plugin <= 4.2.6.8.1 - Missing Authorization to Unauthenticated User Registration Bypass thimpressLearnPress – WordPress LMS Plugin for Create and Sell Online Courses Medium 5.3 2024-07-02 11:01:35 Deep Dive
CVE-2024-4268 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple Blocks ultimateblocksUltimate Blocks – 25+ Gutenberg Blocks for Block Editor Medium 6.4 2024-07-02 11:01:35 Deep Dive
CVE-2024-3513 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via title tag attribute ultimateblocksUltimate Blocks – 25+ Gutenberg Blocks for Block Editor Medium 6.4 2024-07-02 07:37:04 Deep Dive
CVE-2024-6172 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.25 - Unauthenticated SQL Injection via unsubscribe icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-07-02 06:49:43 Deep Dive
CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' stiofansislandUsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP Critical 9.8 2024-06-29 04:33:28 Deep Dive
CVE-2024-5192 Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One Click Upsells <= 3.3.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload amans2kFunnelKit – Funnel Builder for WooCommerce Checkout Medium 6.4 2024-06-29 04:33:28 Deep Dive
CVE-2024-5451 The7 — Website and eCommerce Builder for WordPress <= 11.13.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Attribute Dream-ThemeThe7 — Website and eCommerce Builder for WordPress Medium 6.4 2024-06-25 13:53:22 Deep Dive
CVE-2024-32111 WordPress core < 6.5.5 - Auth. Arbitrary .html File Read (Windows Only) vulnerability AutomatticWordPress Medium 5.0 2024-06-25 13:35:46 Deep Dive
CVE-2024-31111 WordPress Core < 6.5.5 - Cross Site Scripting (XSS) vulnerability AutomatticWordPress Medium 6.5 2024-06-25 12:54:48 Deep Dive
CVE-2024-6307 WordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML API WordPress FoundationWordPress Medium 6.4 2024-06-25 11:09:23 Deep Dive
CVE-2024-5791 Appointment Booking and Online Scheduling <= 4.4.2 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita High 7.2 2024-06-22 02:01:07 Deep Dive
CVE-2022-45803 WordPress Gutenberg Forms plugin <= 2.2.8.3 - Auth. Broken Access Control vulnerability Nikolay StrikharWordPress Form Builder Plugin – Gutenberg Forms Medium 6.5 2024-06-21 13:35:51 Deep Dive
CVE-2024-35770 WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability Dave KissVimeography: Vimeo Video Gallery WordPress Plugin Medium 4.3 2024-06-21 13:10:24 Deep Dive
CVE-2024-35761 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.4.0 - Cross Site Scripting (XSS) vulnerability vCitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.5 2024-06-21 12:38:39 Deep Dive
CVE-2024-5859 Appointment Booking and Online Scheduling <= 4.4.2 - Reflected Cross-Site Scripting vcitaOnline Booking & Scheduling Calendar for WordPress by vcita Medium 6.1 2024-06-21 08:39:43 Deep Dive