Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 20 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-62874 WordPress AnyComment plugin <= 0.3.6 - Broken Access Control vulnerability AlexanderAnyComment Medium 4.3 2025-12-31 16:42:24 Deep Dive
CVE-2025-60240 WordPress AnyComment plugin <= 0.3.6 - Local File Inclusion vulnerability AlexanderAnyComment 中危 -2025-11-06 15:55:10 Deep Dive
CVE-2025-48091 WordPress AnyComment plugin <= 0.3.6 - SQL Injection vulnerability AlexanderAnyComment High 8.5 2025-10-22 14:32:06 Deep Dive
CVE-2025-58227 WordPress Podlove Subscribe button Plugin <= 1.3.11 - Cross Site Scripting (XSS) Vulnerability Alexander LuekenPodlove Subscribe button Medium 6.5 2025-09-22 18:23:45 Deep Dive
CVE-2025-39430 WordPress mLanguage plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability Alexander RauschamLanguage High 7.1 2025-04-17 15:17:00 Deep Dive
CVE-2025-23824 WordPress FontAwesome.io ShortCodes plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability Alexander WeleczkaFontAwesome.io ShortCodes Medium 6.5 2025-01-16 20:07:17 Deep Dive
CVE-2024-53785 WordPress Chatter plugin <= 1.0.1 - Broken Access Control vulnerability Alexander VolkovChatter Medium 4.3 2024-12-09 13:02:16 Deep Dive
CVE-2024-50532 WordPress Events Manager Pro – extended plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability Jerin K AlexanderEvents Manager Pro – extended High 7.1 2024-11-19 16:32:33 Deep Dive
CVE-2024-49669 WordPress INK Official plugin <= 4.1.2 - Arbitrary File Upload vulnerability Alexander De RidderINK Official Critical 9.9 2024-10-23 15:35:26 Deep Dive
CVE-2023-34173 WordPress Yandex Metrica Counter Plugin <= 1.4.3 is vulnerable to Cross Site Scripting (XSS) Alexander SemikashevYandex Metrica Counter Medium 5.9 2023-08-30 14:04:11 Deep Dive
CVE-2023-26541 WordPress asMember Plugin <= 1.5.4 is vulnerable to Cross Site Scripting (XSS) Alexander SuessasMember Medium 5.9 2023-06-16 08:56:48 Deep Dive
CVE-2022-29435 WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) vulnerability Alexander StokmannCode Snippets Extended (WordPress plugin) Medium 5.4 2022-05-17 19:54:24 Deep Dive
CVE-2022-29436 WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Persistent Cross-Site Scripting (XSS) Alexander StokmannCode Snippets Extended (WordPress plugin) Medium 4.7 2022-05-17 19:51:57 Deep Dive
CVE-2022-29429 WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) leading to Remote Code Execution (RCE) vulnerability Alexander StokmannCode Snippets Extended (WordPress plugin) High 8.8 2022-05-17 18:22:16 Deep Dive
CVE-2022-27854 WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Alexander UstimenkoPsychological tests & quizzes (WordPress plugin) Medium 5.4 2022-04-26 18:36:08 Deep Dive
CVE-2021-36867 WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability Alexander UstimenkoPsychological tests & quizzes (WordPress plugin) Medium 5.4 2022-04-26 18:03:12 Deep Dive
CVE-2022-24665 Remote Code Execution by by Contributor+ users via WordPress gutenberg block Alexander FuchsPHP Everywhere Critical 9.9 2022-02-16 16:38:06 Deep Dive
CVE-2022-24663 Remote Code Execution by Subscriber+ users via WordPress shortcode Alexander FuchsPHP Everywhere Critical 9.9 2022-02-16 16:38:06 Deep Dive
CVE-2022-24664 Remote Code Execution by by Contributor+ users via WordPress metabox Alexander FuchsPHP Everywhere Critical 9.9 2022-02-16 16:38:04 Deep Dive
CVE-2021-23227 WordPress PHP Everywhere Plugin <= 2.0.2 is vulnerable to Cross Site Request Forgery (CSRF) Alexander FuchsPHP Everywhere (WordPress plugin) Medium 5.4 2022-01-13 20:27:29 Deep Dive