| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15368 | SportsPress <= 2.7.26 - Authenticated (Contributor+) Local File Inclusion via Shortcode | themeboy | SportsPress – Sports Club & League Manager | High | 8.8 | 2026-02-04 13:24:42 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-3986 | SportsPress < 2.7.22 - Admin+ Stored XSS | Unknown | SportsPress | - | - | 2024-07-30 06:00:08 | Deep Dive |
| CVE-2024-34824 | WordPress SportsPress – Sports Club & League Manager plugin <= 2.7.20 - Broken Access Control vulnerability | ThemeBoy | SportsPress – Sports Club & League Manager | Medium | 4.3 | 2024-06-11 09:27:52 | Deep Dive |
| CVE-2024-1178 | SportsPress – Sports Club & League Manager <= 2.7.17 - Missing Authorization to Unauthenticated Event Permalink Update | themeboy | SportsPress – Sports Club & League Manager | Medium | 5.3 | 2024-03-05 01:55:47 | Deep Dive |
| CVE-2021-24578 | SportsPress < 2.7.9 - Reflected Cross-Site Scripting | Unknown | SportsPress – Sports Club & League Manager | 中危 | - | 2021-12-21 08:45:25 | Deep Dive |