| CVE-2025-0460 | Blog Botz for Journal Theme blog_add unrestricted upload | - | Blog Botz for Journal Theme | High | 7.3 | 2025-01-14 16:00:18 | Deep Dive |
| CVE-2024-12473 | AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Authenticated (Contributor+) SQL Injection | opacewebdesign | Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic | Medium | 6.5 | 2025-01-10 03:21:30 | Deep Dive |
| CVE-2024-12606 | AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Settings Update | opacewebdesign | Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic | Medium | 4.3 | 2025-01-10 03:21:30 | Deep Dive |
| CVE-2024-12605 | AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update | opacewebdesign | Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic | Medium | 4.3 | 2025-01-09 11:10:58 | Deep Dive |
| CVE-2024-13202 | wander-chu SpringBoot-Blog Blog Article PageController.java modifiyArticle cross site scripting | wander-chu | SpringBoot-Blog | Low | 2.4 | 2025-01-09 01:31:06 | Deep Dive |
| CVE-2024-13201 | wander-chu SpringBoot-Blog Admin Attachment AttachtController.java upload unrestricted upload | wander-chu | SpringBoot-Blog | Medium | 4.7 | 2025-01-09 01:31:05 | Deep Dive |
| CVE-2024-13200 | wander-chu SpringBoot-Blog HTTP POST Request BaseInterceptor.java preHandle access control | wander-chu | SpringBoot-Blog | High | 7.3 | 2025-01-09 01:00:15 | Deep Dive |
| CVE-2024-13199 | langhsu Mblog Blog System Search Bar search cross site scripting | langhsu | Mblog Blog System | Low | 3.5 | 2025-01-09 00:31:06 | Deep Dive |
| CVE-2024-13198 | langhsu Mblog Blog System login observable response discrepancy | langhsu | Mblog Blog System | Low | 3.7 | 2025-01-09 00:31:05 | Deep Dive |
| CVE-2024-13145 | zhenfeng13 My-Blog uploadController. java upload unrestricted upload | zhenfeng13 | My-Blog | Medium | 6.3 | 2025-01-06 00:31:05 | Deep Dive |
| CVE-2024-13144 | zhenfeng13 My-Blog BlogController.java uploadFileByEditomd unrestricted upload | zhenfeng13 | My-Blog | Medium | 6.3 | 2025-01-06 00:00:13 | Deep Dive |
| CVE-2024-38732 | WordPress Patricia Blog theme <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability | VolThemes | Patricia Blog | Medium | 4.3 | 2025-01-02 13:23:42 | Deep Dive |
| CVE-2024-54287 | WordPress Advanced Blog Post Block plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | Best WP Developer | Advanced Blog Post Block | Medium | 6.5 | 2024-12-13 14:25:04 | Deep Dive |
| CVE-2024-10663 | Eleblog – Elementor Blog And Magazine Addons <= 1.8 - Missing Authorization to Authenticated (Subscriber+) Deactivation Submission | smarettheme | Eleblog – Elementor Blog And Magazine Addons | Medium | 4.3 | 2024-12-04 02:40:28 | Deep Dive |
| CVE-2024-53722 | WordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability | rockemmusic | Favicon My Blog | High | 7.1 | 2024-12-02 13:48:43 | Deep Dive |
| CVE-2024-52498 | WordPress SP Blog Designer plugin <= 1.0.0 - Local File Inclusion vulnerability | softpulseinfotech | SP Blog Designer | High | 7.5 | 2024-11-28 10:38:55 | Deep Dive |
| CVE-2024-11601 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.1 - Cross-Site Request Forgery to Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:41 | Deep Dive |
| CVE-2024-11104 | Sky Addons for Elementor (Free Templates Library, Live Copy, Animations, Post Grid, Post Carousel, Particles, Sliders, Chart, Blogs) <= 2.6.2 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | High | 8.1 | 2024-11-22 05:33:40 | Deep Dive |
| CVE-2024-9542 | Sky Addons for Elementor <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor Template | wowdevs | Sky Addons – Elementor Addons with Widgets & Templates | Medium | 4.3 | 2024-11-21 11:02:20 | Deep Dive |
| CVE-2024-51639 | WordPress Naver Blog plugin <= 1.0 - CSRF to Stored XSS vulnerability | Hints | Naver Blog | High | 7.1 | 2024-11-19 16:32:27 | Deep Dive |