Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2024-52413	WordPress Airin Blog theme <= 1.6.1 - PHP Object Injection vulnerability	dmcwebzone	Airin Blog	Critical	9.8	2024-11-16 21:33:25	Deep Dive
CVE-2024-10728	PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/Activation	wpxpo	Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX	High	8.8	2024-11-16 04:29:15	Deep Dive
CVE-2024-9932	Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload	jurredeklijn	Wux Blog Editor	Critical	9.8	2024-10-26 01:58:38	Deep Dive
CVE-2024-9931	Wux Blog Editor <= 3.0.0 - Authentication Bypass to Administrator	jurredeklijn	Wux Blog Editor	Critical	9.8	2024-10-26 01:58:34	Deep Dive
CVE-2022-4974	Freemius SDK <= 2.4.2 - Missing Authorization Checks	dashlabsltd	YASR – Yet Another Star Rating Plugin for WordPress	Medium	6.3	2024-10-16 06:43:30	Deep Dive
CVE-2024-8757	Boost Your Blog's Engagement with WP Post Author <= 3.8.1 - Authenticated (Administrator+) SQL Injection	afthemes	WP Post Author – Author Box, Multiple Authors, Guest Authors & Custom Avatars	High	7.2	2024-10-12 09:39:19	Deep Dive
CVE-2024-9218	Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid <= 1.3.14 - Reflected Cross-Site Scripting	wpblockart	Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid	Medium	6.1	2024-10-02 08:31:51	Deep Dive
CVE-2024-7432	Unseen Blog <= 1.0.0 - Authenticated (Contributor+) PHP Object Injection	ultrapressorg	Unseen Blog	High	8.8	2024-10-01 07:30:09	Deep Dive
CVE-2024-6459	News Element Elementor Blog Magazine < 1.0.6 - Unauthenticated LFI	Unknown	News Element Elementor Blog Magazine	-	-	2024-08-17 06:00:03	Deep Dive
CVE-2024-7114	Tianchoy Blog so.php sql injection	Tianchoy	Blog	Medium	6.3	2024-07-26 01:00:06	Deep Dive
CVE-2024-37229	WordPress Blogmentor – Blog Layouts for Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability	AuburnForest	Blogmentor – Blog Layouts for Elementor	Medium	6.5	2024-07-22 09:16:05	Deep Dive
CVE-2024-37271	WordPress Print My Blog plugin <= 3.27.0 - Cross Site Scripting (XSS) vulnerability	Michael Nelson	Print My Blog	Medium	5.9	2024-07-22 08:44:49	Deep Dive
CVE-2024-37918	WordPress ConeBlog plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability	WPCone	ConeBlog – WordPress Blog Widgets	Medium	6.5	2024-07-20 09:01:49	Deep Dive
CVE-2024-4667	Blog, Posts and Category Filter for Elementor <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post and Category Filter Widget	plugindevs	Blog, Posts and Category Filter for Elementor	Medium	6.4	2024-07-09 04:32:56	Deep Dive
CVE-2024-39314	toy-blog administrative token leaked through the command line parameter	KisaragiEffective	toy-blog	Medium	4.7	2024-07-01 21:33:54	Deep Dive
CVE-2024-39313	toy-blog Improper Input Validation vulnerability	KisaragiEffective	toy-blog	Medium	6.5	2024-07-01 21:23:38	Deep Dive
CVE-2024-5503	WP Blog Post Layouts <= 1.1.3 - Authenticated (Contributor+) Local File Inlcusion	codevibrant	WP Blog Post Layouts	High	8.8	2024-06-21 02:05:42	Deep Dive
CVE-2024-4623	Blogmentor – Blog Layouts for Elementor <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via pagination_style Parameter	auburnforest	Blogmentor – Blog Layouts for Elementor	Medium	6.4	2024-06-19 03:12:33	Deep Dive
CVE-2024-4305	PostX < 4.1.0 - Contributor+ Stored XSS	Unknown	Post Grid Gutenberg Blocks and WordPress Blog Plugin	-	-	2024-06-17 06:00:01	Deep Dive
CVE-2024-4615	Elespare – Blog, Magazine and Newspaper Addons for Elementor with Templates, Widgets, Kits, and Header/Footer Builder. One Click Import: No Coding Required! <= 3.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Horizontal Nav Menu Widget	elespare	EleSpare – News, Magazine and Blog Addons for Elementor	Medium	6.4	2024-06-13 07:31:53	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List