Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 1149 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-52731 WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability themefunctionWordPress Event Manager, Event Calendar and Booking Plugin High 7.5 2025-08-14 10:34:01 Deep Dive
CVE-2012-10027 WordPress Plugin WP-Property <= 1.35.0 PHP File Upload WP-PropertyWordPress Plugin--2025-08-05 20:06:43 Deep Dive
CVE-2012-10026 WordPress Plugin Asset-Manager <= 2.0 PHP File Upload Asset-ManagerWordpress Plugin--2025-08-05 20:06:24 Deep Dive
CVE-2012-10025 WordPress Plugin Advanced Custom Fields <= 3.5.1 Remote File Inclusion Advanced Custom FieldsWordPress Plugin--2025-08-05 20:06:01 Deep Dive
CVE-2025-8295 Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designEmployee Directory – Staff & Team Directory Medium 6.4 2025-08-05 07:24:16 Deep Dive
CVE-2025-8313 Campus Directory <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designCampus Directory – Faculty, Staff & Student Directory Plugin for WordPress Medium 6.4 2025-08-05 06:39:49 Deep Dive
CVE-2025-7050 Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scripting via File Metadata WP Cloud Plugins/_deleeuw_Use-your-Drive | Google Drive plugin for WordPress High 7.2 2025-08-05 06:39:49 Deep Dive
CVE-2025-8315 WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designSimple Contact Form Plugin for WordPress – WP Easy Contact Medium 6.4 2025-08-05 06:39:48 Deep Dive
CVE-2025-6692 YouTube Embed <= 10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via instance Parameter hanucodesYouTube Embed – YouTube Gallery, Vimeo Gallery – WordPress Plugin Medium 6.4 2025-07-29 09:23:47 Deep Dive
CVE-2025-8009 Security Ninja – Secure Firewall & Secure Malware Scanner - 5.201 - 5.242 - Authenticated (Administrator+) Arbitrary File Read cleverpluginsSecurity Ninja – WordPress Security Plugin & Firewall Medium 4.9 2025-07-24 07:22:13 Deep Dive
CVE-2020-36848 Total Upkeep by BoldGrid <= 1.14.9 - Unauthenticated Backup Download boldgridTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid High 7.5 2025-07-12 11:23:40 Deep Dive
CVE-2025-34077 WordPress Pie Register Plugin ≤ 3.7.1.4 Authentication Bypass RCE Genetech SolutionsWordPress Pie Register Plugin--2025-07-09 00:49:29 Deep Dive
CVE-2025-5537 Lightbox & Modal Popup WordPress Plugin – FooBox <= 2.7.34 - Authenticated (Author+) Stored Cross-Site Scripting foopluginsLightbox & Modal Popup WordPress Plugin – FooBox Medium 6.4 2025-07-08 04:22:59 Deep Dive
CVE-2025-5339 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Unauthenticated Time-Based SQL Injection via ‘bsa_pro_id' scripteoAds Pro Plugin - Multi-Purpose WordPress Advertising Manager High 7.5 2025-07-02 03:47:26 Deep Dive
CVE-2025-6437 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Unauthenticated SQL Injection via oid scripteoAds Pro Plugin - Multi-Purpose WordPress Advertising Manager High 7.5 2025-07-02 03:47:25 Deep Dive
CVE-2025-4380 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Unauthenticated Local File Inclusion scripteoAds Pro Plugin - Multi-Purpose WordPress Advertising Manager High 8.1 2025-07-02 03:47:23 Deep Dive
CVE-2025-6459 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Cross-Site Request Forgery to PHP Code Injection in bsaCreateAdTemplate scripteoAds Pro Plugin - Multi-Purpose WordPress Advertising Manager High 8.8 2025-07-02 03:47:22 Deep Dive
CVE-2025-4381 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Unauthenticated SQL Injection scripteoAds Pro Plugin - Multi-Purpose WordPress Advertising Manager High 7.5 2025-07-02 03:47:22 Deep Dive
CVE-2025-4689 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Unauthenticated Local File Inclusion to Remote Code Execution scripteoAds Pro Plugin - Multi-Purpose WordPress Advertising Manager Critical 9.8 2025-07-02 03:47:21 Deep Dive
CVE-2025-53260 WordPress File Manager Plugin For Wordpress plugin <= 7.5 - Arbitrary File Upload Vulnerability getredhawkstudioFile Manager Plugin For Wordpress Critical 9.1 2025-06-27 13:21:08 Deep Dive