Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 264 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-25048 WordPress Fantastic Content Protector Free plugin <= 2.6 - Broken Access Control vulnerability Fantastic PluginsFantastic Content Protector Free Medium 5.3 2024-12-09 11:31:37 Deep Dive
CVE-2023-50877 WordPress Product Filter by WBW plugin <= 2.5.0 - Broken Access Control vulnerability WBW PluginsProduct Filter by WBW Medium 4.3 2024-12-09 11:29:58 Deep Dive
CVE-2024-53739 WordPress Cryptocurrency Widgets For Elementor plugin <= 1.6.4 - Local File Inclusion vulnerability Cool PluginsCryptocurrency Widgets For Elementor High 8.1 2024-11-30 20:55:57 Deep Dive
CVE-2024-51657 WordPress SmartLink Dynamic URLs plugin <= 1.1.0 - CSRF to Stored XSS vulnerability Woopy PluginsSmartLink Dynamic URLs High 7.1 2024-11-19 16:32:19 Deep Dive
CVE-2024-10924 Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 - 9.1.1.1 - Authentication Bypass Really Simple PluginsReally Simple Security Pro multisite Critical 9.8 2024-11-15 03:18:46 Deep Dive
CVE-2024-52354 WordPress Web Stories Widgets For Elementor plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability Cool PluginsWeb Stories Widgets For Elementor Medium 6.5 2024-11-11 06:13:20 Deep Dive
CVE-2024-10547 WP Membership <= 1.6.2 - Unauthenticated Arbitrary File Upload e-pluginsWP Membership Critical 9.8 2024-11-09 07:35:05 Deep Dive
CVE-2024-47311 WordPress Wheel of Life plugin <= 1.1.8 - Broken Access Control vulnerability Kraft PluginsWheel of Life Medium 5.3 2024-11-01 14:18:43 Deep Dive
CVE-2024-43981 WordPress GeoDirectory plugin <= 2.3.70 - Broken Access Control vulnerability AyeCode – WP Business Directory PluginsGeoDirectory Medium 4.3 2024-11-01 14:17:12 Deep Dive
CVE-2024-49693 WordPress Mega Elements – Addons for Elementor plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability Kraft PluginsMega Elements Medium 6.5 2024-10-24 12:41:55 Deep Dive
CVE-2024-49695 WordPress WP Flow Plus plugin <= 5.2.3 - Cross Site Scripting (XSS) vulnerability Spiffy PluginsWP Flow Plus Medium 6.5 2024-10-24 12:38:03 Deep Dive
CVE-2024-49691 WordPress Product Filter by WBW plugin <= 2.7.0 - SQL Injection vulnerability WBW PluginsProduct Filter by WBW High 7.6 2024-10-24 12:06:25 Deep Dive
CVE-2024-48049 WordPress Mighty Builder plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability Mighty PluginsMighty Builder Medium 6.5 2024-10-20 07:54:23 Deep Dive
CVE-2024-49308 WordPress Animator – Scroll Triggered Animations plugin <= 3.0.15 - Reflected Cross Site Scripting (XSS) vulnerability Toast PluginsAnimator High 7.1 2024-10-17 18:48:38 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-9232 Download Plugins and Themes in ZIP from Dashboard <= 1.9.1 - Reflected Cross-Site Scripting wpcodefactoryDownload Plugins and Themes in ZIP from Dashboard Medium 6.1 2024-10-11 06:50:20 Deep Dive
CVE-2024-47343 WordPress Mega Elements – Addons for Elementor plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability Kraft PluginsMega Elements Medium 6.5 2024-10-06 10:46:32 Deep Dive
CVE-2024-6590 Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update javmahWPGSI: Spreadsheet Integration Medium 6.3 2024-09-25 02:05:25 Deep Dive
CVE-2024-43969 WordPress Spiffy Calendar plugin <= 4.9.12 - SQL Injection vulnerability Spiffy PluginsSpiffy Calendar High 7.6 2024-09-17 22:33:52 Deep Dive
CVE-2024-45457 WordPress Spiffy Calendar plugin <= 4.9.13 - Cross Site Scripting (XSS) vulnerability Spiffy PluginsSpiffy Calendar Medium 6.5 2024-09-15 07:43:48 Deep Dive