Vulnerability List - Page 79

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2023-6009	UserPro <= 5.1.4 - Authenticated (Subscriber+) Privilege Escalation	-	UserPro - Community and User Profile WordPress Plugin	High	8.8	2023-11-22 15:33:38	Deep Dive
CVE-2023-2449	UserPro <= 5.1.1 - Insecure Password Reset Mechanism	-	UserPro - Community and User Profile WordPress Plugin	Critical	9.8	2023-11-22 15:33:37	Deep Dive
CVE-2023-2437	UserPro <= 5.1.1 - Authentication Bypass to Administrator	-	UserPro - Community and User Profile WordPress Plugin	Critical	9.8	2023-11-22 15:33:33	Deep Dive
CVE-2023-2438	UserPro <= 5.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via userpro_save_userdata	-	UserPro - Community and User Profile WordPress Plugin	Medium	6.1	2023-11-22 15:33:30	Deep Dive
CVE-2023-2448	UserPro <= 5.1.4 - Missing Authorization to Arbitrary Shortcode Execution via userpro_shortcode_template	-	UserPro - Community and User Profile WordPress Plugin	Medium	6.5	2023-11-22 15:33:29	Deep Dive
CVE-2023-4726	Ultimate Dashboard <= 3.7.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via plugin settings	davidvongries	Ultimate Dashboard – Custom WordPress Dashboard	Medium	4.4	2023-11-22 15:33:29	Deep Dive
CVE-2023-2440	UserPro <= 5.1.1 - Cross-Site Request Forgery to Privilege Escalation	-	UserPro - Community and User Profile WordPress Plugin	High	8.8	2023-11-22 15:33:28	Deep Dive
CVE-2023-6164	MainWP Dashboard <= 4.5.1.2 - Authenticated(Administrator+) CSS Injection	mainwp	MainWP Dashboard: Self-hosted WordPress Management for Agencies	Low	2.2	2023-11-22 15:33:28	Deep Dive
CVE-2023-6007	UserPro <= 5.1.1 - Missing Authorization via multiple functions	-	UserPro - Community and User Profile WordPress Plugin	High	7.3	2023-11-22 15:33:26	Deep Dive
CVE-2023-6160	LifterLMS <= 7.4.2 - Authenticated(Administrator+) Directory Traversal to Arbitrary CSV File Deletion	chrisbadgett	LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes	Low	3.3	2023-11-22 15:33:26	Deep Dive
CVE-2023-5742	EasyRotator for WordPress <= 1.0.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode	dwusercom	EasyRotator for WordPress – Slider Plugin	Medium	6.4	2023-11-22 15:33:23	Deep Dive
CVE-2023-5815	News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Remote Code Execution via Local File Inclusion	infornweb	Blog Designer Pack – Blog, Post Grid, Post Slider, Post Carousel, Category Post, News	High	8.1	2023-11-22 15:33:22	Deep Dive
CVE-2023-2446	UserPro <= 5.1.1 - Sensitive Information Disclosure via Shortcode	-	UserPro - Community and User Profile WordPress Plugin	Medium	6.5	2023-11-22 07:32:12	Deep Dive
CVE-2023-2447	UserPro <= 5.1.1 - Cross-Site Request Forgery to Sensitive Information Exposure	-	UserPro - Community and User Profile WordPress Plugin	Medium	6.1	2023-11-22 07:32:12	Deep Dive
CVE-2023-25985	WordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)	Tomas \| Docs \| FAQ \| Premium Support	WordPress Tooltips	Medium	4.3	2023-11-18 22:21:16	Deep Dive
CVE-2023-41129	WordPress Patreon WordPress Plugin <= 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)	Patreon	Patreon WordPress	Medium	4.3	2023-11-18 22:16:15	Deep Dive
CVE-2023-47552	WordPress Image Hover Effects Plugin <= 5.5 is vulnerable to Cross Site Request Forgery (CSRF)	Labib Ahmed	Image Hover Effects – WordPress Plugin	Medium	5.4	2023-11-18 21:45:38	Deep Dive
CVE-2023-34013	WordPress Poll Maker Plugin <= 4.6.2 is vulnerable to Server Side Request Forgery (SSRF)	Poll Maker Team	Poll Maker – Best WordPress Poll Plugin	Medium	4.4	2023-11-13 02:28:32	Deep Dive
CVE-2023-47230	WordPress Contact Forms by Cimatti Plugin <= 1.6.0 is vulnerable to Cross Site Request Forgery (CSRF)	Cimatti Consulting	WordPress Contact Forms by Cimatti	Medium	5.4	2023-11-13 00:07:46	Deep Dive
CVE-2023-26524	WordPress Quiz And Survey Master Plugin <= 8.0.10 is vulnerable to Cross Site Request Forgery (CSRF)	ExpressTech	Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress	Medium	4.3	2023-11-12 23:55:19	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List - Page 79