| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-35229 | Reflected XSS in discovery page of Zabbix Frontend | Zabbix | Frontend | Low | 3.7 | 2022-07-06 11:05:12 | Deep Dive |
| CVE-2022-24919 | Reflected XSS in graph configuration window of Zabbix Frontend | Zabbix | Frontend | Low | 3.7 | 2022-03-09 19:30:31 | Deep Dive |
| CVE-2022-24918 | Reflected XSS in item configuration window of Zabbix Frontend | Zabbix | Frontend | Low | 3.7 | 2022-03-09 19:30:30 | Deep Dive |
| CVE-2022-24917 | Reflected XSS in service configuration window of Zabbix Frontend | Zabbix | Frontend | Low | 3.7 | 2022-03-09 19:30:28 | Deep Dive |
| CVE-2022-24349 | Reflected XSS in action configuration window of Zabbix Frontend | Zabbix | Frontend | Medium | 4.6 | 2022-03-09 19:30:27 | Deep Dive |
| CVE-2021-24898 | EditableTable <= 0.1.4 - Admin+ Stored Cross-Site Scripting | Unknown | Editable Table Simple Fast FrontEnd From Sql tables | 中危 | - | 2022-02-28 09:06:15 | Deep Dive |
| CVE-2021-24867 | Backdoored Plugins & Themes from AccessPress Themes | AccessPress Themes | Frontend Post WordPress Plugin – AccessPress Anonymous Post | 超危 | - | 2022-02-21 10:45:39 | Deep Dive |
| CVE-2021-25076 | WP User Frontend < 3.5.26 - SQL Injection to Reflected Cross-Site Scripting | Unknown | WP User Frontend – Membership, Profile, Registration & Post Submission Plugin for WordPress | 高危 | - | 2022-01-24 08:01:24 | Deep Dive |
| CVE-2022-23134 | Possible view of the setup pages by unauthenticated users if config file already exists | Zabbix | Frontend | Low | 3.7 | 2022-01-13 15:50:43 | Deep Dive |
| CVE-2022-23133 | Stored XSS in host groups configuration window in Zabbix Frontend | Zabbix | Frontend | Medium | 6.3 | 2022-01-13 15:50:42 | Deep Dive |
| CVE-2022-23131 | Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML | Zabbix | Frontend | Critical | 9.1 | 2022-01-13 15:50:39 | Deep Dive |
| CVE-2021-24856 | Shared Files < 1.6.61 - Admin+ Stored Cross-Site Scripting | Unknown | Shared Files – Easy Download Manager and File Sharing Plugin with Frontend File Upload | 中危 | - | 2021-11-17 10:16:00 | Deep Dive |
| CVE-2021-24835 | WCFM - Frontend Manager for WooCommerce < 6.5.12 - Customer/Subscriber+ SQL Injection | Unknown | WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible | 高危 | - | 2021-11-08 17:35:31 | Deep Dive |
| CVE-2021-24736 | Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting | Unknown | Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files | 中危 | - | 2021-10-18 13:46:06 | Deep Dive |
| CVE-2021-24563 | Frontend Uploader <= 1.3.2 - Unauthenticated Stored Cross-Site Scripting | Unknown | Frontend Uploader | 中危 | - | 2021-10-11 10:45:30 | Deep Dive |