| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-47647 | WordPress BadgeOS plugin <= 3.7.1.6 - Broken Access Control vulnerability | learningtimes | BadgeOS | Medium | 4.3 | 2025-01-02 12:00:36 | Deep Dive |
| CVE-2023-2173 | BadgeOS <= 3.7.1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Deletion | learningtimes | BadgeOS | Medium | 6.5 | 2023-08-31 05:33:14 | Deep Dive |
| CVE-2023-2171 | BadgeOS <= 3.7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | learningtimes | BadgeOS | Medium | 5.4 | 2023-08-31 05:33:11 | Deep Dive |
| CVE-2023-2174 | BadgeOS <= 3.7.1.6 - Missing Authorization in delete_badgeos_log_entries | learningtimes | BadgeOS | Medium | 4.3 | 2023-08-31 05:33:09 | Deep Dive |
| CVE-2023-2172 | BadgeOS <= 3.7.1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Title Overwrite | learningtimes | BadgeOS | Medium | 4.3 | 2023-08-31 05:33:08 | Deep Dive |
| CVE-2022-41987 | WordPress BadgeOS Plugin <= 3.7.1.6 is vulnerable to Cross Site Request Forgery (CSRF) | LearningTimes | BadgeOS | Medium | 6.3 | 2023-05-25 10:13:51 | Deep Dive |