Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 243 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-31573 WordPress PeproDev CF7 Database plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability Pepro Dev. GroupPeproDev CF7 Database High 7.1 2025-04-03 13:27:11 Deep Dive
CVE-2025-31085 WordPress xili-language plugin <= 2.21.2 - Reflected Cross Site Scripting (XSS) vulnerability Michel - xiligroup devxili-language High 7.1 2025-04-01 20:58:09 Deep Dive
CVE-2025-30840 WordPress xili-dictionary plugin <= 2.12.5 - Reflected Cross Site Scripting (XSS) vulnerability Michel - xiligroup devxili-dictionary High 7.1 2025-04-01 05:31:38 Deep Dive
CVE-2025-30358 Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks mesop-devmesop High 8.1 2025-03-27 14:49:12 Deep Dive
CVE-2025-27612 Libcontainer is affected by capabilities elevation youki-devyouki Medium 5.9 2025-03-21 14:24:29 Deep Dive
CVE-2025-29922 kcp allows unauthorized creation and deletion of objects in arbitrary workspaces through APIExport Virtual Workspace kcp-devkcp Critical 9.6 2025-03-20 17:49:57 Deep Dive
CVE-2024-11602 CORS Vulnerability in feast-dev/feast feast-devfeast-dev/feast 高危 -2025-03-20 10:10:55 Deep Dive
CVE-2025-25306 Misskey's Incomplete Patch of CVE-2024-52591 Leads to Forgery of Federated Notes misskey-devmisskey Critical 9.3 2025-03-10 18:13:46 Deep Dive
CVE-2025-27154 Spotipy's cache file, containing spotify auth token, is created with overly broad permissions spotipy-devspotipy 中危 -2025-02-27 13:53:54 Deep Dive
CVE-2025-21194 Microsoft Surface Security Feature Bypass Vulnerability MicrosoftMicrosoft Surface Go High 7.1 2025-02-11 17:58:26 Deep Dive
CVE-2025-24897 Misskey CSRF vulnerability due to insecure configuration of authentication cookie attributes misskey-devmisskey High 8.2 2025-02-11 15:20:29 Deep Dive
CVE-2025-24896 Misskey allows token to remain valid in cookie after signing out misskey-devmisskey High 8.1 2025-02-11 15:14:09 Deep Dive
CVE-2024-11831 Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript -- Medium 5.4 2025-02-10 15:27:47 Deep Dive
CVE-2025-24963 Browser mode serves arbitrary files in vitest vitest-devvitest Medium 5.9 2025-02-04 19:36:52 Deep Dive
CVE-2025-24964 Remote Code Execution when accessing a malicious website while Vitest API server is listening vitest-devvitest Critical 9.6 2025-02-04 19:36:51 Deep Dive
CVE-2025-24574 WordPress PeproDev WooCommerce Receipt Uploader plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability Pepro Dev. GroupPeproDev WooCommerce Receipt Uploader High 7.1 2025-02-03 14:22:47 Deep Dive
CVE-2025-24671 WordPress Save as PDF Plugin by Pdfcrowd Plugin <= 4.4.0 - PHP Object Injection vulnerability Pdfcrowd Dev TeamSave as PDF Critical 9.8 2025-01-27 14:22:17 Deep Dive
CVE-2024-9499 Uncontrolled search path can lead to DLL hijacking in USBXpress Win 98SE Dev Kit installer silabs.comUSBXpress Win 98SE Dev Kit High 8.6 2025-01-24 14:39:51 Deep Dive
CVE-2024-9496 Uncontrolled search path can lead to DLL hijacking in USBXpress Dev Kit installer silabs.comUSBXpress Dev Kit High 8.6 2025-01-24 14:38:14 Deep Dive
CVE-2025-22744 WordPress S-DEV SEO plugin <= 1.88 - Cross Site Scripting (XSS) vulnerability SeodevS-DEV SEO Medium 6.5 2025-01-15 15:23:33 Deep Dive