| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-3279 | NextGEN Gallery < 3.39 - Admin+ Local File Inclusion | Unknown | WordPress Gallery Plugin | 中危 | - | 2023-10-16 19:39:18 | Deep Dive |
| CVE-2023-4811 | WordPress File Upload < 4.23.3 - Author+ Stored Cross-Site Scripting | Unknown | WordPress File Upload | 中危 | - | 2023-10-16 19:39:17 | Deep Dive |
| CVE-2023-5561 | WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure | WordPress | WordPress | 中危 | - | 2023-10-16 19:39:10 | Deep Dive |
| CVE-2023-3155 | NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete | Unknown | WordPress Gallery Plugin | 高危 | - | 2023-10-16 19:39:08 | Deep Dive |
| CVE-2023-3154 | NextGEN Gallery < 3.39 - Admin+ PHAR Deserialization | Unknown | WordPress Gallery Plugin | 高危 | - | 2023-10-16 19:39:06 | Deep Dive |
| CVE-2023-4691 | Bookly < 22.4 - Admin+ SQLi | Unknown | WordPress Online Booking and Scheduling Plugin | 高危 | - | 2023-10-16 19:39:05 | Deep Dive |
| CVE-2023-45831 | WordPress AMP WP Plugin <= 1.5.15 is vulnerable to Cross Site Request Forgery (CSRF) | Pixelative, Mohsin Rafique | AMP WP – Google AMP For WordPress | Medium | 5.4 | 2023-10-16 10:23:05 | Deep Dive |
| CVE-2023-39999 | WordPress < 6.3.2 is vulnerable to Broken Access Control | WordPress.org | WordPress | Medium | 4.3 | 2023-10-13 11:31:17 | Deep Dive |
| CVE-2023-38000 | Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block | WordPress.org | WordPress | Medium | 6.5 | 2023-10-13 09:55:55 | Deep Dive |
| CVE-2023-41131 | WordPress Sp*tify Play Button for WordPress Plugin <= 2.10 is vulnerable to Cross Site Request Forgery (CSRF) | Jonk @ Follow me Darling | Sp*tify Play Button for WordPress | Medium | 4.3 | 2023-10-12 14:26:21 | Deep Dive |
| CVE-2023-41694 | WordPress Realbig Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF) | Realbig Team | Realbig For WordPress | Medium | 4.3 | 2023-10-10 07:36:23 | Deep Dive |
| CVE-2023-5467 | GEO my WordPress <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | ninjew | GEO my WP | Medium | 6.4 | 2023-10-10 04:29:39 | Deep Dive |
| CVE-2023-44233 | WordPress FooGallery Plugin <= 2.2.44 is vulnerable to Cross Site Request Forgery (CSRF) | FooPlugins | Best WordPress Gallery Plugin – FooGallery | Medium | 5.4 | 2023-10-06 15:04:47 | Deep Dive |
| CVE-2023-5357 | Instagram for WordPress <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | esemono | Instagram for WordPress | Medium | 6.4 | 2023-10-04 01:52:39 | Deep Dive |
| CVE-2023-37996 | WordPress GTmetrix for WordPress Plugin <= 0.4.7 is vulnerable to Cross Site Request Forgery (CSRF) | GTmetrix | GTmetrix for WordPress | Medium | 5.4 | 2023-10-03 09:48:41 | Deep Dive |
| CVE-2023-37992 | WordPress Smarty for WordPress Plugin <= 3.1.35 is vulnerable to Cross Site Request Forgery (CSRF) | PressPage Entertainment Inc. | Smarty for WordPress | Medium | 5.4 | 2023-10-03 09:43:18 | Deep Dive |
| CVE-2023-41731 | WordPress wordpress publish post email notification Plugin <= 1.0.2.2 is vulnerable to Cross Site Scripting (XSS) | I Thirteen Web Solution | WordPress publish post email notification | Medium | 5.9 | 2023-10-02 07:43:42 | Deep Dive |
| CVE-2023-41661 | WordPress Smarty for WordPress Plugin <= 3.1.35 is vulnerable to Cross Site Scripting (XSS) | PressPage Entertainment Inc. | Smarty for WordPress | Medium | 5.9 | 2023-09-29 13:36:29 | Deep Dive |
| CVE-2023-41241 | WordPress SureCart Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS) | SureCart | WordPress Ecommerce For Creating Fast Online Stores | Medium | 5.9 | 2023-09-27 12:32:50 | Deep Dive |
| CVE-2023-4502 | Translate WordPress with GTranslate < 3.0.4 - Admin+ Stored XSS | Unknown | Translate WordPress with GTranslate | 中危 | - | 2023-09-25 15:56:55 | Deep Dive |