Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 2564 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-0604 FastDup <= 2.7 - Authenticated (Contributor+) Path Traversal via 'dir_path' REST Parameter ninjateamFastDup – Fastest WordPress Migration & Duplicator Medium 6.5 2026-01-06 03:21:39 Deep Dive
CVE-2025-14627 WP Import – Ultimate CSV XML Importer for WordPress <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass smackcodersWP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress Medium 6.4 2026-01-01 16:19:31 Deep Dive
CVE-2025-28973 WordPress Pro Bulk Watermark Plugin for WordPress <= 2.0 - Path Traversal Vulnerability AA-TeamPro Bulk Watermark Plugin for WordPress 中危 -2025-12-31 20:02:11 Deep Dive
CVE-2025-28949 WordPress Mediabay - WordPress Media Library Folders <= 1.4 - SQL Injection Vulnerability CodedraftMediabay - WordPress Media Library Folders High 8.5 2025-12-31 20:00:22 Deep Dive
CVE-2025-62088 WordPress WordPress & WooCommerce Scraper plugin, Import Data from Any Site plugin <= 1.0.7 - Server Side Request Forgery (SSRF) vulnerability extendonsWordPress & WooCommerce Scraper Plugin, Import Data from Any Site Medium 5.4 2025-12-31 17:04:44 Deep Dive
CVE-2025-62083 WordPress BoomDevs WordPress Coming Soon plugin plugin <= 1.0.4 - Sensitive Data Exposure vulnerability WP MessiahBoomDevs WordPress Coming Soon Medium 4.3 2025-12-31 16:29:16 Deep Dive
CVE-2025-63005 WordPress WordPress Tooltips plugin <= 10.9.3 - Cross Site Scripting (XSS) vulnerability TomasWordPress Tooltips Medium 6.5 2025-12-31 08:46:03 Deep Dive
CVE-2025-52835 WordPress WING WordPress Migrator plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability ConoHa by GMOWING WordPress Migrator Critical 9.6 2025-12-30 16:48:14 Deep Dive
CVE-2025-62746 WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability CodeFlavorsFeatured Video for WordPress &#8211; VideographyWP Medium 6.5 2025-12-30 16:14:00 Deep Dive
CVE-2025-69022 WordPress HR Management Lite plugin <= 3.6 - Broken Access Control vulnerability Weblizar - WordPress Themes &amp; PluginHR Management Lite Medium 5.4 2025-12-30 10:47:55 Deep Dive
CVE-2025-68974 WordPress WordPress Social Login and Register plugin <= 7.7.0 - Local File Inclusion vulnerability miniOrangeWordPress Social Login and Register Medium 6.6 2025-12-30 10:47:48 Deep Dive
CVE-2025-68893 WordPress WordPress Image shrinker plugin <= 1.1.0 - Server Side Request Forgery (SSRF) vulnerability HETWORKSWordPress Image shrinker Medium 4.9 2025-12-29 15:56:48 Deep Dive
CVE-2025-13958 YaMaps < 0.6.40 - Contributor+ Stored XSS UnknownYaMaps for WordPress Plugin 中危 -2025-12-29 06:00:11 Deep Dive
CVE-2025-14913 Frontend Post Submission Manager Lite <= 1.2.6 - Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion wpshuffleFrontend Post Submission Manager Lite – Frontend Posting WordPress Plugin Medium 5.3 2025-12-25 23:20:03 Deep Dive
CVE-2025-68597 WordPress Jobs for WordPress plugin <= 2.8.1 - Cross Site Scripting (XSS) vulnerability BlueGlass Interactive AGJobs for WordPress Medium 6.5 2025-12-24 13:10:46 Deep Dive
CVE-2025-9343 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.4 - Unauthenticated Stored Cross-Site Scripting elextensionsELEX WordPress HelpDesk & Customer Ticketing System High 7.2 2025-12-21 03:20:04 Deep Dive
CVE-2025-14071 Live Composer – Free WordPress Website Builder <= 2.0.2 - Authenticated (Contributor+) PHP Object Injection via dslc_module_posts_output Shortcode livecomposerLive Composer – Free WordPress Website Builder High 7.5 2025-12-21 02:20:31 Deep Dive
CVE-2025-14080 Frontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post Modification wpshuffleFrontend Post Submission Manager Lite – Frontend Posting WordPress Plugin Medium 5.3 2025-12-21 02:20:31 Deep Dive
CVE-2025-11496 Five Star Restaurant Reservations – WordPress Booking Plugin <= 2.7.5 - Unauthenticated Stored Cross-Site Scripting rustauriusFive Star Restaurant Reservations – WordPress Booking Plugin Medium 6.1 2025-12-21 02:20:30 Deep Dive
CVE-2025-64273 WordPress Email marketing for WordPress by GetResponse Official plugin <= 1.5.3 - Broken Access Control vulnerability GetResponseEmail marketing for WordPress by GetResponse Official Medium 6.5 2025-12-18 07:22:15 Deep Dive