| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39355 | Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control) | MGeurts | genealogy | Critical | 9.9 | 2026-04-07 18:56:06 | Deep Dive |
| CVE-2025-55288 | Genealogy has a Reflected XSS Vulnerability | MGeurts | genealogy | Medium | 5.5 | 2025-08-18 16:57:23 | Deep Dive |
| CVE-2025-55287 | Genealogy has a stored XSS vulnerability | MGeurts | genealogy | - | - | 2025-08-18 16:54:18 | Deep Dive |
| CVE-2025-32252 | WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability | Black and White | WP Genealogy – Your Family History Website | Medium | 5.3 | 2025-04-04 15:59:27 | Deep Dive |
| CVE-2017-20017 | The Next Generation of Genealogy Sitebuilding timeline2.php sql injection | unspecified | The Next Generation of Genealogy Sitebuilding | Medium | 6.3 | 2022-06-05 05:10:10 | Deep Dive |