| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-5125 | Contact Form by FormGet <= 5.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | pankajagarwal | Contact Form by FormGet – Best Form Builder Plugin for WordPress | Medium | 6.4 | 2023-09-23 04:29:41 | Deep Dive |
| CVE-2023-5062 | WordPress Charts <= 0.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | webfactory | WordPress Charts | Medium | 6.4 | 2023-09-20 02:31:41 | Deep Dive |
| CVE-2023-4840 | MapPress Maps for WordPress <= 2.88.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | chrisvrichardson | MapPress Maps for WordPress | Medium | 6.4 | 2023-09-12 01:52:13 | Deep Dive |
| CVE-2023-4278 | MasterStudy LMS < 3.0.18 - Unauthenticated Instructor Account Creation | Unknown | MasterStudy LMS WordPress Plugin | 高危 | - | 2023-09-11 19:46:09 | Deep Dive |
| CVE-2023-4772 | Newsletter <= 7.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | satollo | Newsletter – Send awesome emails from WordPress | Medium | 6.4 | 2023-09-07 01:52:16 | Deep Dive |
| CVE-2023-4773 | WordPress Social Login <= 3.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | miled | WordPress Social Login | Medium | 6.4 | 2023-09-06 03:28:20 | Deep Dive |
| CVE-2023-4636 | WordPress File Sharing Plugin <= 2.0.3 - Authenticated (Admin+) Stored Cross-Site Scripting | deepakkite | File Sharing & Download Manager – User Private Files | Medium | 4.4 | 2023-09-05 02:25:44 | Deep Dive |
| CVE-2023-4151 | Store Locator WordPress < 1.4.13 - Reflected XSS | Unknown | Store Locator WordPress | 中危 | - | 2023-09-04 11:26:58 | Deep Dive |
| CVE-2023-30485 | WordPress Avartan Slider Lite Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) | Solwin Infotech | Responsive WordPress Slider – Avartan Slider Lite | High | 7.1 | 2023-09-04 11:07:00 | Deep Dive |
| CVE-2023-39992 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.3.2 is vulnerable to Cross Site Scripting (XSS) | vCita.com | Online Booking & Scheduling Calendar for WordPress by vcita | High | 7.1 | 2023-09-04 10:33:19 | Deep Dive |
| CVE-2023-4471 | Order Tracking Pro <= 3.3.6 - Reflected Cross-Site Scripting | rustaurius | Order Tracking – WordPress Status Tracking Plugin | Medium | 6.1 | 2023-08-31 05:33:15 | Deep Dive |
| CVE-2023-4500 | Order Tracking Pro <= 3.3.6 - Authenticated (Administrator+) Stored Cross-Site Scripting | rustaurius | Order Tracking – WordPress Status Tracking Plugin | Medium | 4.7 | 2023-08-31 05:33:12 | Deep Dive |
| CVE-2023-25453 | WordPress WordPress Tables Plugin <= 1.3.9 is vulnerable to Cross Site Scripting (XSS) | Ian Sadovy | WordPress Tables | High | 7.1 | 2023-08-30 15:09:26 | Deep Dive |
| CVE-2023-34023 | WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS) | Miled | WordPress Social Login | High | 7.1 | 2023-08-30 14:25:03 | Deep Dive |
| CVE-2023-1982 | Front Editor <= 4.0.4 - Admin+ Stored XSS | Unknown | Guest posting / Frontend Posting wordpress plugin | 中危 | - | 2023-08-30 14:22:03 | Deep Dive |
| CVE-2023-34172 | WordPress WordPress Social Login Plugin <= 3.0.4 is vulnerable to Cross Site Scripting (XSS) | Miled | WordPress Social Login | Medium | 5.9 | 2023-08-30 14:12:47 | Deep Dive |
| CVE-2023-34180 | WordPress Google Fonts For WordPress Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS) | KAPlugins | Google Fonts For WordPress | High | 7.1 | 2023-08-30 13:43:26 | Deep Dive |
| CVE-2023-32499 | WordPress Radio Station Plugin <= 2.4.0.9 is vulnerable to Cross Site Scripting (XSS) | Tony Zeoli, Tony Hayes | Radio Station by netmix® – Manage and play your Show Schedule in WordPress! | High | 7.1 | 2023-08-23 13:59:24 | Deep Dive |
| CVE-2023-4404 | Donation Forms by Charitable <= 1.7.0.12 - Unauthenticated Privilege Escalation | smub | Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More | Critical | 9.8 | 2023-08-23 01:58:03 | Deep Dive |
| CVE-2023-31218 | WordPress WOLF Plugin <= 1.0.6 is vulnerable to CSRF leading to Stored Cross Site Scripting (XSS) vulnerability | realmag777 | WOLF – WordPress Posts Bulk Editor and Manager Professional | High | 7.1 | 2023-08-18 13:28:47 | Deep Dive |