Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 69

Clear Filters
Found 2563 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-0592 Related Posts for WordPress <= 2.2.1 - Cross-Site Request Forgery barrykooijRelated Posts for WordPress Medium 5.4 2024-03-13 15:26:52 Deep Dive
CVE-2024-0591 wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin <= 3.4.2.2 - Reflected Cross-Site Scripting. wpdatatableswpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin Medium 6.1 2024-03-13 15:26:51 Deep Dive
CVE-2024-0449 ArtiBot Free Chat Bot for WordPress WebSites <= 1.1.6 - Authenticated (Admin+) Cross-Site Scripting artibotArtiBot Free Chat Bot for WebSites Medium 4.4 2024-03-13 15:26:46 Deep Dive
CVE-2024-1642 MainWP Dashboard <= 4.6.0.1 - Cross-Site Request Forgery via posting_bulk mainwpMainWP Dashboard: Self-hosted WordPress Management for Agencies Medium 4.3 2024-03-13 15:26:41 Deep Dive
CVE-2024-2106 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.10 - Basic Information Exposure via REST route stylemixMasterStudy LMS WordPress Plugin – for Online Courses and Education Medium 5.3 2024-03-13 15:26:40 Deep Dive
CVE-2024-0871 Beaver Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Icon Widget beaverbuilderBeaver Builder Page Builder – Drag and Drop Website Builder Medium 5.4 2024-03-13 15:26:39 Deep Dive
CVE-2024-0897 Beaver Builder – WordPress Page Builder <= 2.7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting beaverbuilderBeaver Builder Page Builder – Drag and Drop Website Builder Medium 6.4 2024-03-13 15:26:38 Deep Dive
CVE-2024-0385 Categorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxAddCategory frenifyCategorify – WordPress Media Library Category & File Manager Medium 4.3 2024-03-13 15:26:36 Deep Dive
CVE-2024-1176 HT Easy GA4 – Google Analytics WordPress Plugin <= 1.1.5 - Missing Authorization to Unauthenticated GA4 Email Update htpluginsHT Easy GA4 – Google Analytics WordPress Plugin Medium 5.3 2024-03-13 15:26:34 Deep Dive
CVE-2024-0386 weForms <= 1.6.21 - Unauthenticated Stored Cross-Site Scripting via Referer boldgridweForms – Easy Drag & Drop Contact Form Builder For WordPress High 7.2 2024-03-12 21:34:34 Deep Dive
CVE-2024-1851 affiliate-toolkit – WordPress Affiliate Plugin <= 3.5.4 - Missing Authorization via atkp_create_list cservitaffiliate-toolkit – Multi-Network Affiliate & Amazon Product Display Medium 6.3 2024-03-08 06:58:07 Deep Dive
CVE-2024-2298 affiliate-toolkit – WordPress Affiliate Plugin <= 3.5.4 - Missing Authorization via atkp_import_product cservitaffiliate-toolkit – Multi-Network Affiliate & Amazon Product Display Medium 4.3 2024-03-08 06:58:06 Deep Dive
CVE-2024-0203 WordPress plugins Digits 安全漏洞 UnitedOverDigits: WordPress Mobile Number Signup and Login High 8.8 2024-03-07 19:33:00 Deep Dive
CVE-2024-1720 User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin <= 3.1.4 - Unauthenticated Stored Self-Based Cross-Site Scripting wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 4.7 2024-03-07 05:32:39 Deep Dive
CVE-2024-1381 Page Builder Sandwich – Front End WordPress Page Builder Plugin <= 5.1.0 - Sensitive Information Exposure pagebuildersandwichPage Builder Sandwich – Front End WordPress Page Builder Plugin Medium 6.5 2024-03-05 01:56:03 Deep Dive
CVE-2024-0825 Vimeography: Vimeo Video Gallery WordPress Plugin <= 2.3.2 - Authenticated (Contributor+) PHP Object Injection videogalleryVimeography: Vimeo Video Gallery WordPress Plugin High 8.8 2024-03-05 01:56:02 Deep Dive
CVE-2024-1285 Page Builder Sandwich <= 5.1.0 - Missing Authorization to Authenticated(Subscriber+) Arbitrary Post Editing pagebuildersandwichPage Builder Sandwich – Front End WordPress Page Builder Plugin Medium 6.5 2024-03-05 01:56:01 Deep Dive
CVE-2024-25594 WordPress MyWaze Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS) Savvy Wordpress DevelopmentMyWaze Medium 6.5 2024-02-29 06:17:16 Deep Dive
CVE-2024-1468 Avada | Website Builder For WordPress & WooCommerce <= 7.11.4 - Authenticated (Contributor+) Arbitrary File Upload ThemeFusionAvada | Website Builder For WordPress & WooCommerce High 8.8 2024-02-29 03:30:30 Deep Dive
CVE-2023-51681 WordPress Duplicator Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF) DuplicatorDuplicator – WordPress Migration & Backup Plugin Medium 6.5 2024-02-28 16:41:37 Deep Dive