| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-23707 | WordPress Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS) | Awsm Innovations | Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files | Medium | 5.9 | 2023-03-23 16:12:14 | Deep Dive |
| CVE-2022-4862 | XSS vulnerability in M-Files Web | M-Files | M-Files New Web | Medium | 5.0 | 2023-03-06 10:46:21 | Deep Dive |
| CVE-2022-3284 | Insecure way of passing a download key | M-Files | M-Files New Web | Medium | 6.5 | 2023-03-06 10:39:44 | Deep Dive |
| CVE-2022-4861 | Incorrect Implementation of Authentication Algorithm | M-Files | M-Files Client | Medium | 4.8 | 2022-12-30 13:31:21 | Deep Dive |
| CVE-2022-4858 | Insertion of Sensitive Information into Log File | M-Files | M-Files Server | Medium | 4.4 | 2022-12-30 11:24:36 | Deep Dive |
| CVE-2019-25084 | Hide Files on GitHub options.js addEventListener cross site scripting | - | Hide Files on GitHub | Low | 3.5 | 2022-12-25 17:01:06 | Deep Dive |
| CVE-2022-4264 | Incorrect privilege assignment in M-Files Web Server | M-Files | M-Files Web | Medium | 6.5 | 2022-12-09 14:08:41 | Deep Dive |
| CVE-2022-4270 | Incorrect privilege assignment in M-Files Web Server | M-Files | M-Files Web | Low | 2.0 | 2022-12-02 12:20:59 | Deep Dive |
| CVE-2022-1911 | Information disclosure in M-Files Server | M-Files | M-Files Server | Medium | 5.3 | 2022-11-30 14:35:17 | Deep Dive |
| CVE-2022-1606 | Incorrect privilege assignment in M-Files Server | M-Files | M-Files Server | Low | 2.4 | 2022-11-30 14:05:15 | Deep Dive |
| CVE-2022-45401 | Jenkins Plugin Associated Files 跨站脚本漏洞 | Jenkins project | Jenkins Associated Files Plugin | 中危 | - | 2022-11-15 00:00:00 | Deep Dive |
| CVE-2022-2387 | Easy Digital Downloads < 3.0 - Arbitrary Post Deletion via CSRF | Unknown | Easy Digital Downloads – Simple eCommerce for Selling Digital Files | 中危 | - | 2022-11-07 00:00:00 | Deep Dive |
| CVE-2022-39018 | Broken access controls on PDFtron data in M-Files Hubshare | M-Files | Hubshare | High | 8.2 | 2022-10-31 20:09:57 | Deep Dive |
| CVE-2022-39019 | Broken access controls on PDFtron WebviewerUI in M-Files Hubshare | M-Files | Hubshare | Medium | 6.3 | 2022-10-31 20:09:41 | Deep Dive |
| CVE-2022-39017 | XSS in all comments fields in M-Files Hubshare | M-Files | Hubshare | High | 8.2 | 2022-10-31 20:07:27 | Deep Dive |
| CVE-2022-39016 | Javascript injection in PDFtron in M-Files Hubshare | M-Files | Hubshare | High | 8.2 | 2022-10-31 20:06:26 | Deep Dive |
| CVE-2022-36285 | WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerability | dmitrylitvinov | Uploading SVG, WEBP and ICO files (WordPress plugin) | High | 7.2 | 2022-08-23 15:48:09 | Deep Dive |
| CVE-2022-34648 | WordPress Uploading SVG, WEBP and ICO files plugin <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | dmitrylitvinov | Uploading SVG, WEBP and ICO files (WordPress plugin) | Medium | 4.8 | 2022-08-23 15:45:25 | Deep Dive |
| CVE-2022-2356 | User Private Files < 1.1.3 - Subscriber+ Arbitrary File Upload | Unknown | Frontend File Manager & Sharing – User Private Files | 高危 | - | 2022-08-08 13:46:51 | Deep Dive |
| CVE-2022-36914 | Jenkins Files Found Trigger Plugin 安全漏洞 | Jenkins project | Jenkins Files Found Trigger Plugin | 中危 | - | 2022-07-27 14:27:41 | Deep Dive |