| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-28230 | In SteVe, any authenticated charger can terminate any other charger's active transaction (missing ownership verification on StopTransaction) | steve-community | steve | - | - | 2026-02-26 22:49:34 | Deep Dive |
| CVE-2026-24526 | WordPress Email Inquiry & Cart Options for WooCommerce plugin <= 3.4.3 - Cross Site Scripting (XSS) vulnerability | Steve Truman | Email Inquiry & Cart Options for WooCommerce | Medium | 6.5 | 2026-01-23 14:28:49 | Deep Dive |
| CVE-2025-63034 | WordPress Page View Count plugin <= 2.9.0 - Settings Change vulnerability | Steve Truman | Page View Count | Medium | 5.4 | 2025-12-09 14:52:30 | Deep Dive |
| CVE-2025-10312 | Theme Importer <= 1.0 - Cross-Site Request Forgery | steve-forster | Theme Importer | Medium | 4.3 | 2025-10-15 08:25:58 | Deep Dive |
| CVE-2025-58800 | WordPress WP Email Template plugin <= 2.8.6 - Cross Site Request Forgery (CSRF) vulnerability | Steve Truman | WP Email Template | Medium | 4.3 | 2025-09-05 13:45:07 | Deep Dive |
| CVE-2025-55710 | WordPress TaxoPress Plugin <= 3.37.2 - Sensitive Data Exposure Vulnerability | Steve Burge | TaxoPress | Medium | 4.3 | 2025-08-14 18:21:30 | Deep Dive |
| CVE-2025-28967 | WordPress Contact Us page - Contact people LITE plugin <= 3.7.4 - SQL Injection Vulnerability | Steve Truman | Contact Us page - Contact people LITE | High | 8.5 | 2025-07-04 08:42:14 | Deep Dive |
| CVE-2025-48121 | WordPress WP Notes Widget plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability | Steve Puddick | WP Notes Widget | Medium | 6.5 | 2025-05-16 15:45:11 | Deep Dive |
| CVE-2025-46528 | WordPress Availability Calendar plugin <= 0.2.4 - Cross Site Request Forgery (CSRF) Vulnerability | Steve | Availability Calendar | High | 7.1 | 2025-04-24 16:08:59 | Deep Dive |
| CVE-2025-23616 | WordPress Canalplan plugin <= 5.31 - Reflected Cross Site Scripting (XSS) vulnerability | Steve | Canalplan | High | 7.1 | 2025-03-03 13:30:15 | Deep Dive |
| CVE-2025-22735 | WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability | Steve Burge | WordPress Tag Cloud Plugin – Tag Groups | High | 7.1 | 2025-01-21 13:40:35 | Deep Dive |
| CVE-2023-32963 | WordPress Predictive Search for WooCommerce plugin <= 5.8.0 - Broken Access Control vulnerability | Steve Truman | WooCommerce Predictive Search | Medium | 5.3 | 2024-12-13 14:23:28 | Deep Dive |
| CVE-2024-43237 | WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability | Steve Burge | WordPress Tag Cloud Plugin – Tag Groups | Medium | 5.3 | 2024-09-25 14:49:00 | Deep Dive |
| CVE-2024-21550 | SteVe 安全漏洞 | - | SteVe | Medium | 6.1 | 2024-08-12 14:54:36 | Deep Dive |
| CVE-2023-30874 | WordPress GPS Plotter plugin <= 5.4.0 - Cross Site Scripting (XSS) vulnerability | Steve Curtis | GPS Plotter | Medium | 5.9 | 2023-08-17 08:25:39 | Deep Dive |