| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-28172 | WordPress WP Google Map Plugin Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | flippercode | WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin) | Medium | 5.4 | 2023-11-12 22:24:13 | Deep Dive |
| CVE-2023-29428 | WordPress Superb Social Media Share Buttons and Follow Buttons Plugin <= 1.1.3 is vulnerable to Broken Access Control | SuPlugins | Superb Social Media Share Buttons and Follow Buttons for WordPress | Medium | 5.3 | 2023-11-10 13:51:02 | Deep Dive |
| CVE-2023-32739 | WordPress WP Custom Cursors Plugin < 3.2 is vulnerable to Cross Site Request Forgery (CSRF) | Web_Trendy | WP Custom Cursors | WordPress Cursor Plugin | Medium | 4.3 | 2023-11-09 20:56:16 | Deep Dive |
| CVE-2023-47238 | WordPress Top 10 Plugin <= 3.3.2 is vulnerable to Cross Site Request Forgery (CSRF) | WebberZone | Top 10 – WordPress Popular posts by WebberZone | Medium | 4.3 | 2023-11-09 18:21:51 | Deep Dive |
| CVE-2023-46627 | WordPress WP Simple HTML Sitemap Plugin <= 2.1 is vulnerable to Cross Site Scripting (XSS) | Ashish Ajani | WordPress Simple HTML Sitemap | High | 7.1 | 2023-11-08 16:02:36 | Deep Dive |
| CVE-2023-5982 | UpdraftPlus <= 1.23.10 - Cross-Site Request Forgery to Google Drive Storage Update | davidanderson | UpdraftPlus: WP Backup & Migration Plugin | Medium | 5.4 | 2023-11-07 20:31:57 | Deep Dive |
| CVE-2022-47181 | WordPress Email Templates Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | wpexpertsio | Email Templates Customizer and Designer for WordPress and WooCommerce | Medium | 4.3 | 2023-11-07 17:23:38 | Deep Dive |
| CVE-2023-41798 | WordPress Directorist Plugin <= 7.7.1 is vulnerable to CSV Injection | wpWax | Directorist – WordPress Business Directory Plugin with Classified Ads Listings | Medium | 5.1 | 2023-11-07 17:19:26 | Deep Dive |
| CVE-2022-45370 | WordPress WordPress Comments Import & Export Plugin <= 2.3.1 is vulnerable to CSV Injection | WebToffee | WordPress Comments Import & Export | Medium | 6.1 | 2023-11-07 16:56:10 | Deep Dive |
| CVE-2022-45810 | WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection | Icegram | Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce | Medium | 4.7 | 2023-11-07 16:50:04 | Deep Dive |
| CVE-2023-5703 | Gift Up Gift Cards for WordPress and WooCommerce <= 2.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | koanleeroy | Gift Up Gift Cards for WordPress and WooCommerce | Medium | 6.4 | 2023-11-07 11:31:07 | Deep Dive |
| CVE-2023-5577 | Bitly's WordPress Plugin <= 2.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | bitlydeveloper | Bitly's WordPress Plugin | Medium | 6.4 | 2023-11-07 11:31:06 | Deep Dive |
| CVE-2023-46823 | WordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL Injection | Avirtum | ImageLinks Interactive Image Builder for WordPress | High | 7.6 | 2023-11-06 09:15:09 | Deep Dive |
| CVE-2023-35911 | WordPress Contact Form Generator Plugin <= 2.6.0 is vulnerable to SQL Injection | Creative Solutions | Contact Form Generator : Creative form builder for WordPress | High | 8.5 | 2023-11-06 08:44:51 | Deep Dive |
| CVE-2023-45069 | WordPress Video Gallery – YouTube Gallery Plugin <= 2.1.3 is vulnerable to SQL Injection | Video Gallery by Total-Soft | Video Gallery – Best WordPress YouTube Gallery Plugin | High | 7.6 | 2023-11-06 08:42:03 | Deep Dive |
| CVE-2023-45074 | WordPress Advanced Page Visit Counter Plugin <= 7.1.1 is vulnerable to SQL Injection | Page Visit Counter | Advanced Page Visit Counter – Most Wanted Analytics Plugin for WordPress | High | 8.5 | 2023-11-06 08:35:03 | Deep Dive |
| CVE-2023-35910 | WordPress Quasar form Plugin <= 6.0 is vulnerable to SQL Injection | Nucleus_genius | Quasar form free – Contact Form Builder for WordPress | High | 8.5 | 2023-11-03 23:11:33 | Deep Dive |
| CVE-2023-36529 | WordPress Houzez CRM Plugin <= 1.3.4 is vulnerable to SQL Injection | Favethemes | Houzez - Real Estate WordPress Theme | Critical | 9.9 | 2023-11-03 16:52:29 | Deep Dive |
| CVE-2023-32121 | WordPress Zero Spam Plugin <= 5.4.4 is vulnerable to SQL Injection | Highfivery LLC | Zero Spam for WordPress | High | 7.6 | 2023-11-03 16:15:02 | Deep Dive |
| CVE-2023-26015 | WordPress MapPress Maps for WordPress Plugin <= 2.85.4 is vulnerable to SQL Injection | Chris Richardson | MapPress Maps for WordPress | High | 7.1 | 2023-11-03 12:40:01 | Deep Dive |