| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-23837 | WordPress One Backend Language Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | martinjuhasz | One Backend Language | High | 7.1 | 2025-01-24 10:52:57 | Deep Dive |
| CVE-2024-55917 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2024-12-31 16:16:44 | Deep Dive |
| CVE-2024-55632 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2024-12-31 16:16:01 | Deep Dive |
| CVE-2024-55631 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2024-12-31 16:15:20 | Deep Dive |
| CVE-2024-52050 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2024-12-31 16:13:50 | Deep Dive |
| CVE-2024-52049 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2024-12-31 16:13:13 | Deep Dive |
| CVE-2024-52048 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.8 | 2024-12-31 16:11:42 | Deep Dive |
| CVE-2024-52047 | Trend Micro Apex One 安全漏洞 | Trend Micro, Inc. | Trend Micro Apex One | High | 7.5 | 2024-12-31 16:09:29 | Deep Dive |
| CVE-2024-56516 | free-one-api uses md5 for password storage | RockChinQ | free-one-api | 中危 | - | 2024-12-30 16:19:48 | Deep Dive |
| CVE-2024-22063 | ZTE ZENIC ONE R58 product has a CSV injection vulnerability | ZTE | ZENIC ONE R58 | High | 7.6 | 2024-12-30 09:30:22 | Deep Dive |
| CVE-2024-11938 | One Click Upsell Funnel for WooCommerce <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode | wpswings | One Click Upsell Funnel for Woocommerce | Medium | 6.4 | 2024-12-21 07:03:00 | Deep Dive |
| CVE-2024-11769 | Flower Delivery by Florist One <= 3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | floristone | Flower Delivery by Florist One | Medium | 6.4 | 2024-12-04 07:32:27 | Deep Dive |
| CVE-2024-50381 | Missing Authentication for Critical Function in Snap One OVRC cloud | Snap One | OVRC cloud | 超危 | - | 2024-12-02 16:34:44 | Deep Dive |
| CVE-2024-50380 | Authentication Bypass by Spoofing in Snap One OVRC cloud | Snap One | OVRC cloud | 高危 | - | 2024-12-02 16:34:08 | Deep Dive |
| CVE-2024-51917 | WordPress Multiple Votes in one page plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | lequanghuylc | Multiple Votes in one page | Medium | 6.5 | 2024-11-19 16:30:59 | Deep Dive |
| CVE-2024-6628 | EleForms – All In One Form Integration including DB for Elementor <= 2.9.9.9 - Cross-Site Request Forgery | cscode | EleForms – All In One Form Integration including DB for Elementor | Medium | 4.3 | 2024-11-16 03:20:51 | Deep Dive |
| CVE-2024-52383 | WordPress Ai Auto Tool Content Writing Assistant plugin <= 2.1.2 - Broken Access Control vulnerability | aitool | Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One | High | 7.5 | 2024-11-14 17:36:44 | Deep Dive |
| CVE-2024-52268 | VK All in One Expansion Unit 跨站脚本漏洞 | Vektor,Inc. | VK All in One Expansion Unit | - | - | 2024-11-13 05:49:50 | Deep Dive |
| CVE-2024-10853 | Buy one click WooCommerce <= 2.2.9 - Missing Authorization to Authenticated (Subscriber+) Order Deletion | northmule | Buy one click WooCommerce | Medium | 4.3 | 2024-11-13 02:02:35 | Deep Dive |
| CVE-2024-10854 | Buy one click WooCommerce <= 2.2.9 - Missing Authorization to Authenticated (Subscriber+) Settings Import | northmule | Buy one click WooCommerce | Medium | 4.3 | 2024-11-13 02:02:35 | Deep Dive |