Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 736 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-48012 One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-063 DrupalOne Time Password--2025-05-21 16:24:07 Deep Dive
CVE-2025-48011 One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-062 DrupalOne Time Password--2025-05-21 16:23:47 Deep Dive
CVE-2025-48010 One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-061 DrupalOne Time Password--2025-05-21 16:23:31 Deep Dive
CVE-2025-2892 All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL smubAll in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Medium 6.4 2025-05-19 04:21:41 Deep Dive
CVE-2023-5932 Travelpayouts < 1.1.14 - Reflected XSS UnknownTravelpayouts: All Travel Brands in One Place--2025-05-15 20:09:03 Deep Dive
CVE-2023-5934 Travelpayouts < 1.1.13 - Settings Update via CSRF UnknownTravelpayouts: All Travel Brands in One Place--2025-05-15 20:09:03 Deep Dive
CVE-2025-3659 Improper authentication handling for Digi PortServer TS; Digi One SP, SP IA, IA; Digi One IAP Digi InternationalDigi PortServer TS--2025-05-12 20:40:04 Deep Dive
CVE-2025-3746 OTP-less one tap Sign in 2.0.14 - 2.0.59 - Unauthenticated Arbitrary Email Update to Account Takeover/Privilege Escalation thedriftedOTP-less one tap Sign in Critical 9.8 2025-05-02 01:43:35 Deep Dive
CVE-2025-3866 Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting rohanpawaleAdd Google +1 (Plus one) social share Button Medium 6.1 2025-04-25 06:45:27 Deep Dive
CVE-2025-3775 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter devitemsllcShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin Medium 6.5 2025-04-25 04:23:05 Deep Dive
CVE-2025-46513 WordPress All in One Time Clock Lite plugin < 1.3.326 - Cross Site Request Forgery (CSRF) Vulnerability CodebangersAll in One Time Clock Lite Medium 4.3 2025-04-24 16:09:14 Deep Dive
CVE-2025-3300 WPMasterToolKit (WPMTK) – All in one plugin <= 2.5.2 - Authenticated (Administrator+) to Arbitrary File Read and Write ludwigyouWPMasterToolKit (WPMTK) – All in one plugin High 7.2 2025-04-24 08:23:51 Deep Dive
CVE-2025-3801 songquanpeng one-api System Setting cross site scripting songquanpengone-api Low 2.4 2025-04-19 14:00:11 Deep Dive
CVE-2025-32622 WordPress OTP-less one tap Sign in Plugin <= 2.0.58 - Reflected Cross Site Scripting (XSS) vulnerability OTP-lessOTP-less one tap Sign in High 7.1 2025-04-17 15:47:14 Deep Dive
CVE-2025-3102 SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation brainstormforceOttoKit: All-in-One Automation Platform High 8.1 2025-04-10 04:22:06 Deep Dive
CVE-2025-32261 WordPress Advanced All in One Admin Search by WP Spotlight plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability KuppurajAdvanced All in One Admin Search by WP Spotlight Medium 4.3 2025-04-04 15:59:32 Deep Dive
CVE-2025-31286 Trend Vision One 安全漏洞 Trend Micro, Inc.Trend Vision One Medium 4.6 2025-04-02 16:39:42 Deep Dive
CVE-2025-31285 Trend Vision One 安全漏洞 Trend Micro, Inc.Trend Vision One Medium 4.6 2025-04-02 16:39:33 Deep Dive
CVE-2025-31284 Trend Vision One 安全漏洞 Trend Micro, Inc.Trend Vision One Medium 4.6 2025-04-02 16:39:24 Deep Dive
CVE-2025-31283 Trend Vision One 安全漏洞 Trend Micro, Inc.Trend Vision One Medium 4.6 2025-04-02 16:39:13 Deep Dive