| CVE-2023-47191 | WordPress Youzify Plugin <= 1.2.2 is vulnerable to Insecure Direct Object References (IDOR) | KaineLabs | Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress | Medium | 6.5 | 2023-12-21 18:26:53 | Deep Dive |
| CVE-2023-50828 | WordPress Ultimate Dashboard Plugin <= 3.7.11 is vulnerable to Cross Site Scripting (XSS) | David Vongries | Ultimate Dashboard – Custom WordPress Dashboard | Medium | 5.9 | 2023-12-21 14:50:26 | Deep Dive |
| CVE-2023-50824 | WordPress Insert or Embed Articulate Content into WordPress Plugin <= 4.3000000021 is vulnerable to Cross Site Scripting (XSS) | Brian Batt | Insert or Embed Articulate Content into WordPress | Medium | 6.5 | 2023-12-21 14:42:05 | Deep Dive |
| CVE-2023-28421 | WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.10 is vulnerable to Sensitive Data Exposure | Winwar Media | WordPress Email Marketing Plugin – WP Email Capture | Medium | 5.3 | 2023-12-21 14:11:32 | Deep Dive |
| CVE-2023-48288 | WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin <= 2.1 is vulnerable to Sensitive Data Exposure | HM Plugin | WordPress Job Board and Recruitment Plugin – JobWP | High | 7.5 | 2023-12-21 14:05:57 | Deep Dive |
| CVE-2023-49162 | WordPress BigCommerce Plugin <= 5.0.6 is vulnerable to Sensitive Data Exposure | BigCommerce | BigCommerce For WordPress | Medium | 5.3 | 2023-12-21 13:55:31 | Deep Dive |
| CVE-2023-49826 | WordPress Soledad Theme <= 8.4.1 is vulnerable to PHP Object Injection | PenciDesign | Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme | High | 8.1 | 2023-12-21 12:34:52 | Deep Dive |
| CVE-2023-29384 | WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin <= 2.0 is vulnerable to Arbitrary File Upload | HM Plugin | WordPress Job Board and Recruitment Plugin – JobWP | Critical | 10.0 | 2023-12-20 19:04:35 | Deep Dive |
| CVE-2022-47599 | WordPress File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection | File Manager by Bit Form Team | File Manager – 100% Free & Open Source File Manager Plugin for WordPress \| Bit File Manager | Medium | 5.5 | 2023-12-20 17:42:54 | Deep Dive |
| CVE-2023-49752 | WordPress Adifier System Plugin < 3.1.4 is vulnerable to SQL Injection | Spoon themes | Adifier - Classified Ads WordPress Theme | Critical | 9.3 | 2023-12-20 17:38:01 | Deep Dive |
| CVE-2023-28788 | WordPress Advanced Page Visit Counter Plugin <= 6.4.2 is vulnerable to SQL Injection | Page Visit Counter | Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress | High | 7.1 | 2023-12-20 17:19:52 | Deep Dive |
| CVE-2023-29096 | WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.0 is vulnerable to SQL Injection | BestWebSoft | Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress | High | 8.5 | 2023-12-20 17:16:06 | Deep Dive |
| CVE-2023-29432 | WordPress Houzez Theme < 2.8.3 is vulnerable to SQL Injection | Favethemes | Houzez - Real Estate WordPress Theme | High | 8.2 | 2023-12-20 17:12:57 | Deep Dive |
| CVE-2023-30750 | WordPress CM Pop-Up banners Plugin <= 1.5.10 is vulnerable to SQL Injection | CreativeMindsSolutions | CM Popup Plugin for WordPress | High | 8.5 | 2023-12-20 17:06:20 | Deep Dive |
| CVE-2023-49825 | WordPress Soledad Theme <= 8.4.1 is vulnerable to SQL Injection | PenciDesign | Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme | High | 8.5 | 2023-12-20 15:38:27 | Deep Dive |
| CVE-2023-38519 | WordPress MainWP Plugin <= 4.4.3.3 is vulnerable to SQL Injection | MainWP | MainWP Dashboard – WordPress Manager for Multiple Websites Maintenance | High | 7.6 | 2023-12-20 13:48:05 | Deep Dive |
| CVE-2023-47236 | WordPress iPages Flipbook Plugin <= 1.4.8 is vulnerable to SQL Injection | Avirtum | iPages Flipbook For WordPress | High | 7.6 | 2023-12-20 13:28:13 | Deep Dive |
| CVE-2023-48764 | WordPress WordPress Brute Force Protection – Stop Brute Force Attacks Plugin <= 2.2.5 is vulnerable to SQL Injection | GuardGiant Brute Force Protection | WordPress Brute Force Protection – Stop Brute Force Attacks | High | 7.6 | 2023-12-19 20:39:30 | Deep Dive |
| CVE-2023-49750 | WordPress Couponis Demo Plugin < 2.2 is vulnerable to SQL Injection | Spoonthemes | Couponis - Affiliate & Submitting Coupons WordPress Theme | Critical | 9.3 | 2023-12-19 20:36:17 | Deep Dive |
| CVE-2023-45105 | WordPress affiliate-toolkit – WordPress Affiliate Plugin Plugin <= 3.3.9 is vulnerable to Open Redirection | SERVIT Software Solutions | affiliate-toolkit – WordPress Affiliate Plugin | Medium | 4.7 | 2023-12-19 19:48:26 | Deep Dive |