| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-4359 | Frontend File Manager Plugin <= 18.2 - Unauthenticated Arbitrary Post Deletion | nmedia | Frontend File Manager Plugin | Medium | 6.5 | 2023-06-07 01:51:29 | Deep Dive |
| CVE-2021-4363 | WP Quick FrontEnd Editor <= 5.5 - Reflected Cross-Site Scripting | labibahmed42 | WP Quick FrontEnd Editor – WordPress Plugin | Medium | 6.1 | 2023-06-07 01:51:28 | Deep Dive |
| CVE-2021-4356 | Frontend File Manager <= 18.2 - Unauthenticated Arbitrary File Download | nmedia | Frontend File Manager Plugin | Critical | 9.0 | 2023-06-07 01:51:27 | Deep Dive |
| CVE-2021-4351 | Frontend File Manager <= 18.2 - Unauthenticated Post Meta Change | nmedia | Frontend File Manager Plugin | Medium | 5.8 | 2023-06-07 01:51:20 | Deep Dive |
| CVE-2021-4350 | Frontend File Manager <= 18.2 - Unauthenticated HTML Injection leading to Spam Emails | nmedia | Frontend File Manager Plugin | High | 7.2 | 2023-06-07 01:51:19 | Deep Dive |
| CVE-2021-4344 | Frontend File Manager <= 18.2 - Privilege Escalation | nmedia | Frontend File Manager Plugin | Medium | 6.4 | 2023-06-07 01:51:15 | Deep Dive |
| CVE-2022-4946 | Frontend Post WordPress Plugin <= 2.8.4 - Contributor+ Arbitrary Redirect | Unknown | Frontend Post WordPress Plugin | 中危 | - | 2023-06-05 13:39:01 | Deep Dive |
| CVE-2022-4938 | WCFM Frontend Manager <= 6.5.13 - Cross-Site Request Forgery | wclovers | WCFM – Frontend Manager for WooCommerce | Medium | 6.3 | 2023-04-05 17:40:32 | Deep Dive |
| CVE-2022-4937 | WordPress plugin Frontend Manager 安全漏洞 | wclovers | WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible | Medium | 6.3 | 2023-04-05 17:40:18 | Deep Dive |
| CVE-2020-36666 | Multiple e-plugins - Subscriber+ Privilege Escalation | Unknown | directory-pro | 高危 | - | 2023-03-27 15:37:27 | Deep Dive |
| CVE-2022-4831 | Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode | Unknown | Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro | 中危 | - | 2023-01-30 20:31:56 | Deep Dive |
| CVE-2022-43515 | X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode | Zabbix | Frontend | Medium | 5.3 | 2022-12-12 01:49:10 | Deep Dive |
| CVE-2021-24649 | WP User Frontend < 3.5.29 - Obscure Registration as Admin | Unknown | WP User Frontend | 超危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-39350 | @dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details | DependencyTrack | frontend | Medium | 5.4 | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2022-3126 | Frontend File Manager < 21.4 - File Upload via CSRF | Unknown | Frontend File Manager Plugin | 中危 | - | 2022-10-17 00:00:00 | Deep Dive |
| CVE-2022-3125 | Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload | Unknown | Frontend File Manager Plugin | 高危 | - | 2022-10-03 13:45:26 | Deep Dive |
| CVE-2022-3124 | Frontend File Manager < 21.3 - Unauthenticated File Renaming | Unknown | Frontend File Manager Plugin | 中危 | - | 2022-10-03 13:45:25 | Deep Dive |
| CVE-2022-40626 | Reflected XSS in the backurl parameter of Zabbix Frontend | Zabbix | Frontend | Medium | 4.8 | 2022-09-14 06:55:09 | Deep Dive |
| CVE-2022-2356 | User Private Files < 1.1.3 - Subscriber+ Arbitrary File Upload | Unknown | Frontend File Manager & Sharing – User Private Files | 高危 | - | 2022-08-08 13:46:51 | Deep Dive |
| CVE-2022-35230 | Reflected XSS in graphs page of Zabbix Frontend | Zabbix | Frontend | Low | 3.7 | 2022-07-06 11:05:14 | Deep Dive |