Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2025-58846	WordPress WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule Plugin <= 2020.1.0 - Cross Site Request Forgery (CSRF) Vulnerability	Dejan Markovic	WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule	High	7.1	2025-09-05 13:45:33	Deep Dive
CVE-2025-58609	WordPress Latest Post Shortcode Plugin <= 14.0.3 - Cross Site Scripting (XSS) Vulnerability	Iulia Cazan	Latest Post Shortcode	Medium	6.5	2025-09-03 14:36:44	Deep Dive
CVE-2025-9219	Post SMTP <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Option Update	saadiqbal	Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App	Medium	4.3	2025-09-03 08:27:23	Deep Dive
CVE-2025-48354	WordPress Better Post & Filter Widgets for Elementor plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability	WP Smart Widgets	Better Post & Filter Widgets for Elementor	Medium	6.5	2025-08-28 12:37:06	Deep Dive
CVE-2025-48303	WordPress Post Type Converter plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability	Kevin Langley Jr.	Post Type Converter	Medium	4.3	2025-08-25 10:10:03	Deep Dive
CVE-2025-7839	Restore Permanently delete Post or Page Data <= 1.0 - Cross-Site Request Forgery	pokornydavid	Restore Permanently delete Post or Page Data	Medium	4.3	2025-08-23 04:25:48	Deep Dive
CVE-2025-54007	WordPress Post Grid and Gutenberg Blocks Plugin <= 2.3.11 - PHP Object Injection Vulnerability	PickPlugins	Post Grid and Gutenberg Blocks	High	8.8	2025-08-20 08:03:05	Deep Dive
CVE-2025-28975	WordPress Alike - WordPress Custom Post Comparison <= 3.0.1 - Cross Site Scripting (XSS) Vulnerability	redqteam	Alike - WordPress Custom Post Comparison	High	7.1	2025-08-14 10:34:34	Deep Dive
CVE-2025-52712	WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.27.8 - Path Traversal Vulnerability	BoldGrid	Post and Page Builder by BoldGrid	Medium	4.2	2025-08-14 10:34:05	Deep Dive
CVE-2025-24000	WordPress Post SMTP plugin <= 3.2.0 - Account Takeover Vulnerability	Saad Iqbal	Post SMTP	High	8.8	2025-08-07 16:58:29	Deep Dive
CVE-2025-4684	BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites <= 3.2.13.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Image Slider Widgets	blockspare	BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor	Medium	6.4	2025-08-01 11:18:55	Deep Dive
CVE-2025-5084	Post Grid Master <= 3.4.13 - Reflected Cross-Site Scripting via argsArray['read_more_text']	mdshuvo	Post Grid Master — Post Grids & AJAX Filters	Medium	6.1	2025-07-24 09:22:15	Deep Dive
CVE-2025-7687	Latest Post Accordian Slider <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting	anop-goswami	Latest Post Accordian Slider	Medium	6.1	2025-07-22 09:22:42	Deep Dive
CVE-2025-5800	Testimonial Post type <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via auto_play Parameter	juiiee8487	Testimonial Post type	Medium	6.4	2025-07-18 05:24:01	Deep Dive
CVE-2025-54042	WordPress WP Post Hide plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) Vulnerability	Xfinitysoft	WP Post Hide	Medium	4.3	2025-07-16 10:36:51	Deep Dive
CVE-2025-53323	WordPress Pre-Publish Post Checklist plugin <= 3.1 - Broken Access Control Vulnerability	danbriapps	Pre-Publish Post Checklist	Medium	4.3	2025-06-27 13:21:40	Deep Dive
CVE-2025-52726	WordPress CouponXxL Custom Post Types plugin <= 3.0 - Privilege Escalation Vulnerability	pebas	CouponXxL Custom Post Types	High	8.6	2025-06-27 11:52:26	Deep Dive
CVE-2025-49423	WordPress Bulk YouTube Post Creator plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability	Syed Tahir Ali Jan	Bulk YouTube Post Creator	High	7.1	2025-06-27 11:52:09	Deep Dive
CVE-2025-5940	Osom Blocks <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter	osompress	Osom Blocks	Medium	6.4	2025-06-27 07:22:23	Deep Dive
CVE-2025-6538	Post Rating and Review <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via class Parameter	bourgesloic	Post Rating and Review	Medium	6.4	2025-06-26 02:06:33	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List